The Register contributor Shaun Nichols has reported that Apple’s Safari web browser will not accept new HTTPS certificates that expire more than 13 months from their creation date.

Apple Safari 8.0 Icon

Nichols says, “The policy was unveiled by the iGiant at a Certification Authority Browser Forum (CA/Browser) meeting on Wednesday. Specifically, according to those present at the confab, from September 1, any new website cert valid for more than 398 days will not be trusted by the Safari browser and instead rejected. Older certs, issued prior to the deadline, are unaffected by this rule.

By implementing the policy in Safari, Apple will, by extension, enforce it on all iOS and macOS devices. This will put pressure on website admins and developers to make sure their certs meet Apple’s requirements – or risk breaking pages on a billion-plus devices and computers”.

Apple drops a bomb on long-life HTTPS certificates: Safari to snub new security certs valid for more than 13 months

The Register

Sharing is caring