ActiveProspect incident

Certificates unable to capture consent language

Minor Resolved View vendor source →

ActiveProspect experienced a minor incident on June 5, 2026, lasting —. The incident has been resolved; the full update timeline is below.

Started
Jun 05, 2026, 03:17 PM UTC
Resolved
Jun 03, 2026, 01:30 PM UTC
Duration
Detected by Pingoru
Jun 05, 2026, 03:17 PM UTC

Update timeline

  1. resolved Jun 05, 2026, 03:17 PM UTC

    We identified an issue related to an update deployed to TrustedForm Certify on June 3 at approximately 8:30 AM CT. The update introduced behavior that caused TrustedForm assets to be blocked on some websites with restrictive Content Security Policies (CSPs). As a result, certificates created on those websites during the affected period may not have captured consent language correctly, which could have caused downstream verification requests to fail. The update was rolled back on June 4 at approximately 1:00 PM CT, and newly created certificates are no longer affected by this issue. It is important to note that TrustedForm certification has always required all necessary web assets to be accessible to TrustedForm resources. Implementations that restrict TrustedForm through CSP or other security controls may result in certificates with incomplete data and unexpected verification outcomes. To ensure proper operation, publishers using a CSP should review their configuration and verify that it complies with our implementation guidance: https://support.activeprospect.com/hc/en-us/articles/45013581545364-Getting-Started-with-Certifying-Leads-on-Sites-Using-a-Content-Security-Policy-CSP