The corporate has set up their new fancy CA with ACME protocol. We use it to automatically issue certificates for all our internal services. Moreover, every employee was requested to install our new cool Root CA certificate.
It's just running for a few months and we have noticed that something extremely strange is going on. Somebody has obtained the correct certificate for
example.como_O. Just look:-----BEGIN CERTIFICATE----- MIICvzCCAmagAwIBAgIQQl2WzzfbdH4l/ORkR1pFIDAKBggqhkjOPQQDAjBKMRsw GQYDVQQKExJFQ1NDMjAyMyBDb3Jwb3JhdGUxKzApBgNVBAMTIkVDU0MyMDIzIENv cnBvcmF0ZSBJbnRlcm1lZGlhdGUgQ0EwHhcNMjMwNTIxMTcwMzU4WhcNMjMwNTIy MTcwNDU4WjAAMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7l+eraX 9pa46w+GdaLkWG9s50DKnC9+TbFHNuRGbLEJ01piEKcXJMd7qjtiLn8Luwn1A2q+ C9rjzZnkElnTUG7lb+2XIKCpuEBpR9C1ikHRwTeYiBm7GYBFKbI3roTIZHi6K3hc TnLNOi1WIOYXyXHQd4CVey3W7AVb78JogC0ybl+WRAEoDEiEGJ2DFKB8uif2NBZb F4xGLSznUQIsb095XMwSLNLim2CCE/8Xci4Ae1J44iCd9Ce6q8JMfblUHC/qFjnx I7JRr6cLc4756NkMyVUIyx6OtMqGbR8QwNIbyaophE8vv5JRati9f47egKc1Nwud KvwD22jHaed4ywIDAQABo4GsMIGpMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFDP0YcYTWi4lkIkexHGRmpeq +I+FMB8GA1UdIwQYMBaAFEyFcN3kt89/sm7b38UQaL3ry1jlMBkGA1UdEQEB/wQP MA2CC2V4YW1wbGUuY29tMB0GDCsGAQQBgqRkxihAAQQNMAsCAQYEBGFjbWUEADAK BggqhkjOPQQDAgNHADBEAiAZgKVVx7+AhpUezE2Frjs76pJ8ndUAQ5ZdxpLl6OUh oAIgOboWrx5IqP4YlQo39eSgWMOcfoK51j56cjmL2ZKmEyo= -----END CERTIFICATE-----This certificate is indeed correctly signed by our intermediate CA :(. Which is even worse, it's that we have checked the CA software logs and this issuance is indeed there! It seems like somebody has just started the http-01 challenge for
example.comand it went through succesfully.Now I'm seriously confused. Could you try to get another certificate for
<your_nickname>.example.comand paste it to the "Certificate Checker"? It's going to let me know automatically.
Format flagi:
ecsc23{litery_cyfry_i_znaki_specjalne}.
W razie wątpliwości lub pytań dotyczących konkursu zapraszamy na naszego Discorda: https://discord.gg/gAtRKa2rcn.