Зарегистрируйтесь сейчас для лучшей персонализированной цитаты!

Google, Apple, and GoDaddy withdraw more than 1 million digital certificates due to an error

13 Марта 2023 года Hi-network.com

GoDaddy, Apple, and Google mistakenly issued more than 1 million digital certificates that violate the CA/Browser Forum rules for issuing certificates. Now companies are forced to withdraw certificates because their serial numbers contain 63 bits, instead of 64. It is not clear how many certification authorities (CAs) are affected by the problem, so the number of incorrect certificates may be significantly higher.
The problem was caused by incorrect configuration of the Enterprise Java Beans CA (EJBCA) which is used by many certification authorities to generate certificates. By default EJBCA generates a certificate with a serial number that contains 64 bits, however, due to an error, new certificates were generated in violation of industry standards.
The incorrect certificates do not pose a particular security risk, but can cause a lengthy problem with replacement. It can take several hours while many businesses do not have an automated system to replace a large number of certificates. Moreover, unprofessional replacement of the certificate may lead to the emergence of new vulnerabilities, or impact company operations.

 

 

tag-icon Горячие метки: Безопасность в сети

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.