The preliminary incident report has been published on Bugzilla:
https://bugzilla.mozilla.org/show_bug.cgi?id=2011713

On Wednesday, January 21, 2026 at 7:44:56 PM UTC+8 Rollin Yu wrote:
> Thank you for your follow-up.
>
> 1. Relationship and infrastructure
> LiteSSL (website), FreeSSL, and 51ssl are certificate distribution
> platforms under the TrustAsia group, but they do not share CA
> infrastructure. All certificate issuance and domain validation are
> performed solely by TrustAsia's CA systems.
>
> 2. Wildcard validation methods
> 51ssl does not use file-based verification (Method 3.2.2.4.18) for
> wildcard certificates.
> 51ssl is only a distribution platform and does not perform domain
> validation. All validations are conducted by TrustAsia CA in compliance
> with the CA/Browser Forum Baseline Requirements.
>
> On Wednesday, January 21, 2026 at 7:37:21 PM UTC+8 Roger M Lambdin wrote:
>
>> Revised: I rewrote the email and corrected some errors.
>>
>> Hello,
>>
>> Thank you for your reply. I'm still investigating the LiteSSL
>> issue and have uncovered some new aspects.
>>
>> The blog page associated with LiteSSL's FreeSSL mentions this article:
>>
>> "51ssl free wildcard certificate application process"
>> (“51ssl免费通配符证书申请流程”) [1]
>>
>> It mentions a website called 51ssl. I noticed that LiteSSL, FreeSSL, and
>> 51ssl all carry the label “亚数信息科技(上海)有限公司”.
>>
>> This article promotes how to apply for wildcard domain certificates using
>> 51ssl.
>>
>> It outlines three methods:
>>
>> 1. DNS (CNAME) verification
>>
>> 2. File verification (i.e., 3.2.2.4.18)
>>
>> 3. Email verification
>>
>> I am more concerned with the second method. Wildcard domains cannot be
>> verified using the file method.
>>
>> This article was published on June 24, 2022.
>>
>> However, the CA/B Baseline Requirements stated on December 1, 2021:
>>
>> CAs MUST NOT use methods 3.2.2.4.6, 3.2.2.4.18, or 3.2.2.4.19 to issue
>> wildcard certificates or with Authorization Domain Names other than the
>> FQDN.
>>
>> I have the following questions:
>>
>> 1. LiteSSL, FreeSSL, 51ssl, and TrustAsia. Do they use the same
>> infrastructure?
>>
>> 2. Is 51ssl still using these methods to validate wildcard certificates?
>> If not, when was this corrected? Was a report filed?
>>
>> [1]
>> https://web.archive.org/web/20250215190449/https://blog.freessl.cn/mian-fei-tong-pei-fu-zheng-shu-shen-qing-liu-cheng/
>>
>> On Wednesday, January 21, 2026 at 5:42:25 PM UTC+8 Rollin Yu wrote:
>>
>>> Thank you for your feedback. We have acknowledged this issue and
>>> suspended the affected ACME certificate issuance service at 15:40 (UTC+8)
>>> on January 21, 2026.
>>>
>>> We have identified the cause. The issue affects only the recently
>>> launched free ACME service (litessl.cn). We are currently identifying
>>> the impacted certificates and will complete the revocation within 24 hours.
>>>
>>> We will publish an incident report as soon as possible and will keep you
>>> informed of any key developments.
>>>
>>> On Wednesday, January 21, 2026 at 4:59:07 PM UTC+8 Roger M Lambdin wrote:
>>>
>>>> I've noticed this CA has just been found to have a major vulnerability.
>>>>
>>>> A security researcher discovered the following issues with LiteSSL's
>>>> ACME server:
>>>>
>>>> According to his post [1]:
>>>>
>>>> 1. Flawed ACME IP throttling policy causes frequent certificate
>>>> issuance failures
>>>>
>>>> 2. DNS-01 challenge can be exploited to issue wildcard certificates
>>>> for arbitrary domains.
>>>>
>>>> The second issue is particularly severe. Reproduction steps:
>>>>
>>>> 1. Create a LiteSSL ACME account using your own domain and pass the
>>>> DNS-01 challenge to request a wildcard certificate
>>>>
>>>> 2. View the list of wildcard certificates issued by this CA and select
>>>> any one arbitrarily [2].
>>>>
>>>> 3. Using your own ACME account, construct an ACME request to apply for
>>>> a wildcard certificate for the selected domain [3].
>>>>
>>>> I recommend the following actions:
>>>>
>>>> 1. Based on this CA's certificate issuance list, we need to identify
>>>> which wildcard certificates have been issued [2].
>>>>
>>>> 2. The CA must take action to fix the vulnerability in the ACME server.
>>>>
>>>> 3. The CA must submit an incident report. We need to know: When was the
>>>> DNS-01 challenge implemented? How did the vulnerability occur? When was
>>>> the earliest exploitation of this vulnerability? Which certificates were
>>>> erroneously issued?
>>>>
>>>> 4. Revoke the erroneously issued wildcard certificates and immediately
>>>> notify the owners of these domains.
>>>>
>>>> 5. Based on the certificate CA information, this company is a
>>>> subordinate CA of TrustAsia. We need to know: Does LiteSSL share
>>>> infrastructure with them?
>>>>
>>>> 6. This CA must conduct a thorough investigation of its security
>>>> measures and provide a report.
>>>>
>>>> [1] Original source: https://archive.ph/u6U2p
>>>>
>>>> [2] Certificate list: https://crt.sh/?CN=%25&iCAID=438132
>>>>
>>>> [3] Certificate issued by the researcher: https://crt.sh/?q=vaadd.com

--
To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/7625ea1d-1f7f-4e38-96df-0a41914fb2d8n%40mozilla.org.
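The thread above reports that a DNS-01 authorization obtained by one ACME account could be turned into a wildcard certificate for a domain that account never validated, and it quotes the Baseline Requirements rule that the website-change methods (3.2.2.4.6, 3.2.2.4.18, 3.2.2.4.19) must not be used for wildcard names or for any Authorization Domain Name other than the FQDN. The root cause of the LiteSSL issue is not stated in the thread, so the following Python sketch is an added illustration, not code from the thread, from LiteSSL, or from TrustAsia: it shows the two server-side checks a defender would expect an issuance pipeline to enforce before signing an order, namely that every identifier is backed by a live authorization owned by the requesting account, and that the validation method behind that authorization is one the BRs permit for that identifier. The data model, account ids, domain names and reference time are constructed assumptions.

```python
from __future__ import annotations
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Validation methods keyed by their Baseline Requirements section number.
DNS_CHANGE = "3.2.2.4.7"      # DNS TXT change; ACME dns-01 maps onto this
WEBSITE_V1 = "3.2.2.4.6"      # agreed-upon change to website v1
WEBSITE_V2 = "3.2.2.4.18"     # agreed-upon change to website v2 (file-based)
WEBSITE_ACME = "3.2.2.4.19"   # agreed-upon change to website, ACME http-01

# Per the BR text quoted in the thread: these may only validate the exact
# FQDN, never a wildcard and never a parent Authorization Domain Name.
FQDN_ONLY_METHODS = {WEBSITE_V1, WEBSITE_V2, WEBSITE_ACME}


@dataclass(frozen=True)
class Authorization:
    """Hypothetical record of one completed domain validation."""
    account_id: str      # ACME account that completed the challenge
    domain: str          # the name the challenge was actually performed on
    method: str          # BR method used
    wildcard: bool       # True if this authorization was issued for *.domain
    expires: datetime


def method_allowed(identifier: str, validated_domain: str, method: str) -> bool:
    """Return True if `method`, performed on `validated_domain`, may cover `identifier`."""
    is_wildcard = identifier.startswith("*.")
    base = identifier[2:] if is_wildcard else identifier
    if method in FQDN_ONLY_METHODS:
        # File/HTTP methods: no wildcards, and the validated name must be the FQDN itself.
        return not is_wildcard and validated_domain == base
    # DNS change may validate the FQDN, a wildcard on it, or a parent ADN.
    return validated_domain == base or base.endswith("." + validated_domain)


def order_is_authorized(account_id: str, identifiers: list[str],
                        authzs: list[Authorization], now: datetime) -> tuple[bool, list[str]]:
    """Return (ok, unauthorized_identifiers).

    An identifier is covered only by an authorization that (a) belongs to the
    requesting account, (b) has not expired, (c) matches the wildcard flag
    (RFC 8555 keeps *.example and example as separate authorizations), and
    (d) used a method the BRs allow for that identifier.
    """
    problems = []
    for ident in identifiers:
        is_wild = ident.startswith("*.")
        covered = any(
            a.account_id == account_id          # never reuse another account's authz
            and a.expires > now
            and a.wildcard == is_wild
            and method_allowed(ident, a.domain, a.method)
            for a in authzs
        )
        if not covered:
            problems.append(ident)
    return (not problems, problems)


# Constructed reference time and authorizations; all names are placeholders.
NOW = datetime(2026, 1, 21, 8, 0, tzinfo=timezone.utc)
SAMPLE_AUTHZS = [
    Authorization("acct-A", "example.test", DNS_CHANGE, True, NOW + timedelta(days=29)),
    Authorization("acct-A", "example.test", DNS_CHANGE, False, NOW + timedelta(days=29)),
    Authorization("acct-B", "other.test", WEBSITE_ACME, False, NOW + timedelta(days=29)),
    Authorization("acct-C", "stale.test", DNS_CHANGE, True, NOW - timedelta(hours=1)),
]


def check_order(account_id: str, identifiers: list[str]) -> tuple[bool, list[str]]:
    """Evaluate an order against the constructed sample authorizations."""
    return order_is_authorized(account_id, identifiers, SAMPLE_AUTHZS, NOW)


if __name__ == "__main__":
    # acct-A validated example.test via DNS and may get the wildcard.
    print(check_order("acct-A", ["*.example.test", "example.test"]))
    # acct-B never validated example.test: cross-account reuse is refused.
    print(check_order("acct-B", ["*.example.test"]))
    # http-01 on the exact FQDN is fine, but it can never back a wildcard.
    print(check_order("acct-B", ["other.test"]), check_order("acct-B", ["*.other.test"]))
```

The second check is the one that matters for the reproduction steps described above: whichever account sends the finalize request, the order is refused unless that same account holds an unexpired authorization for each name. The first check is what the quoted BR sentence demands of the file-based method 3.2.2.4.18 that the 51ssl article appears to offer for wildcards.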
