Dear developers,
although you have already been contacted directly by Entrust, we wanted to let you know again that there are issues with some EV digital certificates issued by Entrust. Please see below for more information.
Summary:
• Entrust discovered that some Extended Validation (EV) TLS certificates (EV Multi-Domain SSL, QWAC eIDAS, QWAC PSD2) were missing a specific component required by the EV Guidelines. This component links the certificate to the Certificate Policy (CP) and the Certification Practice Statement (CPS) of the issuer.
• Entrust has taken steps to address the issue and prevent it from happening again. Any of the specified certificate types issued after 21:40 UTC today, Mar 18, 2024 are not affected.
• Entrust is required to revoke affected certificates as soon as possible, which will occur on Saturday, March 23, 2024 at 21:00 UTC
Action Required:
• The affected EV Certificates issued after September 11th, 17:40 UTC, 2023, to March 18th, 21:40 UTC, 2024, will need to be replaced by issuing a new certificate and revoking the old certificate(s) shortly thereafter.
Your Commerzbank Support-Team
