Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-6107

CAA validation allows issuance of wildcard certificates for subdomains, even though issuance is prohibited.

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: EJBCA 6.9.0.4
    • Fix Version/s: EJBCA 6.9.0.6
    • Component/s: None
    • Labels:

      Description

      CAA validation allows issuance of wildcard certificates for subdomains, even though issuance is prohibited.

      In other words, even though wildcard issuance may be blocked for a domain *.example.com, a request for *.subdomain.example.com will pass.

        Attachments

          Activity

            People

            • Assignee:
              mikek Mike Agrenius Kushner
              Reporter:
              mikek Mike Agrenius Kushner
              Verified by:
              Tomas Gustavsson
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: