On Tuesday, 10 October 2017 12:05:15 UTC+2, mart...@camerfirma.com wrote:
> https://crt.sh/?id=3D227157888 is a certificate issued by Camerfirma.
> We've detected it at 09/10/2017 18:36 (UTC+2) in a daily internal control=
made by our quality team.
> It's due an invalid character in the request, we're applying a manual con=
trol to prevent this error.
> We're developing a technical control to prevent this kind of errors.
> We're going to replace (revoke and issue another one) the certificate onc=
e we can contact with the client (they=E2=80=99re in a different time zone =
> Juan Angel
Sounds like a CSR-injection vulnerability. ;-)