Cloudflare says it should have caught mis-issued 1.1.1.1 certificates earlier
6 days ago
- #Cloudflare
- #TLS certificates
- #DNS security
- Three mis-issued TLS certificates for Cloudflare’s 1.1.1.1 DNS service were discovered, raising security concerns.
- Nine additional mis-issued certificates were found, totaling 12 since February 2024.
- Cloudflare stated there's no evidence of malicious use of these certificates.
- Fina CA, the certificate authority, claimed the certificates were for internal testing and were mistakenly issued due to incorrect IP address entries.
- All mis-issued certificates have been revoked.
- Cloudflare acknowledged a lapse in detecting the mis-issuances earlier via Certificate Transparency.