Certificates – CA 1 year validity

To improve web security for our users, Apple is reducing the maximum allowed lifetimes of TLS server certificates.

TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC must not have a validity period greater than 398 days.

This change will affect only TLS server certificates issued from the Root CAs preinstalled with iOS, iPadOS, macOS, watchOS, and tvOS. Additionally, this change will affect only TLS server certificates issued on or after September 1, 2020; any certificates issued prior to that date will not be affected by this change.

Connections to TLS servers violating these new requirements will fail. This might cause network and app failures and prevent websites from loading.

Details can be found here : https://support.apple.com/en-us/HT211025 and here https://www.digicert.com/position-on-1-year-certificates/

Leave a Reply

Your email address will not be published. Required fields are marked *