Symantec's Response to Suspicious Issuance Claim

Alerts ID:    ALERT2195    Updated:    01/27/2017




On January 26, 2017, Symantec updated the CA and browser community about a partner’s misissuance of certificates. CrossCert, a WebTrust audited Registration Authority (RA) partner in Korea, overrode compliance failure flags and issued certificates in violation of Symantec policy and CA/B Forum Baseline Requirements. After becoming aware of this issue, Symantec immediately disabled all issuance privileges for CrossCert and revoked any valid and active certificates. Symantec has taken over validation and issuance for all pending and new orders submitted through CrossCert. Additionally, Symantec is reviewing its RA partners, controls and procedures. Our investigation remains on-going, a detailed Certificate Problem Report has been published.


Contact Support

US Support:

Order Processing

Technical Support

European Support:

Order Processing

Technical Support

SSL digital certificates sales live chat.

Knowledge Center

Search Tips