Open Bug 2025135 Opened 4 days ago Updated 3 days ago

SHECA: Test Website certificate expired

Categories

(CA Program :: CA Certificate Compliance, task)

Product:
CA Program
Component:
CA Certificate Compliance
Type:
task

Tracking

(Not tracked)

Status:
ASSIGNED

People

(Reporter: wangjiatai, Assigned: wangjiatai)

Details

(Whiteboard: [ca-compliance] [policy-failure])

Preliminary Incident Report

Summary

  • Incident description:

SHECA received a third-party alert that the Test Website - Revoked (https://rsaevg3.revoked.sheca.com/) certificate registered in CCADB had expired. The new certificate has now been replaced. SHECA is analyzing the cause of the related issues.

  • Relevant policies:
    Relevant policies: This is a violation of section 2.2 of the TLS BRs:

2.2 Publication of information:

The CA SHALL host test Web pages that allow Application Software Suppliers to test their software with Subscriber Certificates that chain up to each publicly trusted Root Certificate. At a minimum, the CA SHALL host separate Web pages using Subscriber Certificates that are

i. valid,
ii. revoked, and
iii. expired.

  • Source of incident disclosure:

Third Party Reported: A Certificate Problem Report was submitted to notify us of the issue on 2026-03-22 at 08:01 UTC+8.

Assignee: nobody → wangjiatai
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Whiteboard: [ca-compliance] [policy-failure]
You need to log in before you can comment on or make changes to this bug.