Cybersecurity Data & Analytics Digital Workspace Cloud Infrastructure Application Development Artificial Intelligence
Services Overview
Workshops Assessments Masterminds Technical Solutions Manager Cybersecurity Advisory Program Implementation Project Management Staffing
Insights Security Videos News Events
Why Alchemy Partners Team Awards Careers Contact Us
Blog | Company February 5, 2020

ADC Wildcard Certificate List, Should You Be Concerned?

ADC Wildcard Certificate List, Should You Be Concerned?

Recently, a list of potentially compromised wildcard certificate names was referenced in an article and uploaded to GitHub.  The list was massive: over 12000 wildcard addresses exposed from all over the globe. But what does the list mean, and what should you do?

Here is what we know about the list in question:

  • It is no longer available via GitHub.
  • The list was generated between January 9th and January 10th through an automated scan.
  • The list represents wildcard certs that were potentially exposed and not necessarily compromised.

Based on what we know regarding the timeline of events, it is very possible that your organization ran the remediation steps shortly after this list was generated but before the vulnerability was exposed by the various exploit scanners. Still, in an abundance of caution, your organization should consider reissuing your wildcard certificate. This can be a daunting task, since wildcard certs are an easy way to manage certificates across an organization and can find their way into nearly every service.

Alchemy’s recommendations for reissuing and replacing the certificate on the ADC are as follows:

  • Generate a new wildcard Certificate Signing Request (CSR) on your platform of choice.
  • Contact your certificate provider to have the cert reissued with the new CSR. It is important that the new certificate is issued without revoking the one being replaced, otherwise services outside of the ADC may fail.
  • Import the certificate (and any intermediates required to complete the cert chain).
  • Unbind the existing wildcard keypair and bind the new wildcard keypair to any service using the potentially exposed certificate.
  • Test and migrate the remaining  services outside of the ADC to the new wildcard certificate.
  • Revoke the potentially exposed certificate.
As always, our Alchemists are available to assist. Please contact us at netscaler.vulnerability@alchemytechgroup.com or contact your Alchemy sales representative as soon as possible.

Original link for list (now defunct) – https://github.com/tijlvdb/wildcarded-citrix-2020/blob/master/exposed_wildcards.txt

Reddit comment regarding list in question – https://www.reddit.com/r/Citrix/comments/ey93oi/exposed_wildcard_certificates_citrix_netscaler/fgkgxlf?utm_source=share&utm_medium=web2x

Timeline data and remediation steps – https://www.poppelgaard.com/cve-2019-19781-what-you-should-know-and-how-to-fix-your-citrix-adc-access-gateway

Author

Author avatar Alchemy Author
Share

More Articles

Insights
Nov 21, 2025

How Azure Virtual Desktop Is Shaping the Future of Hybrid Workloads

doug-lind avatar Doug Lind
Insights
Nov 6, 2025

From Login to Loyalty: Turning Authentication into a Brand Experience

pascal-pierre-louis avatar Pascal Pierre Louis
Insights
Oct 24, 2025

Modern Endpoint Management with Intune and Nerdio: What IT Leaders Need to Know