Hi there.
I am a PKI admin at my organization. A server engineer recently alerted me to an odd situation with a few web server certificates that he had requested last November. The certs were issued (for two years) from one of our internal Certificate Authorities, and applied successfully to his ESX servers, enabling secured access to the server's web link. The website now presents the error "There is a problem with this website's security certificate", as well as "The security certificate presented by this website was not issued by a trusted certificate authority." Looking at the cert, the "Issued by:" field has been modified from our CA name to an ip address which belongs to one of our internal Bluecoat Proxy servers. Also, the cert's serial number has been changed as well as a few other cert details.
Has anyone seen an internal PKI certificate overritten before, or know how this could have happend?
Thank you!
Patrick
|