Does Apple's upcoming 1 year/825 day certificate limit apply to certificates issued from private Certificate Authorities?
Hi,
Apple's certificate documentation implies that the changes only apply to public CAs, as below.
https://support.apple.com/en-us/HT211025
"This change will not affect certificates issued from user-added or administrator-added Root CAs.
This change will affect only TLS server certificates issued from the Root CAs preinstalled with iOS, iPadOS, macOS, watchOS, and tvOS"
However, reading 3rd party websites imply the changes will impact private CA's as well:
https://www.digicert.com/position-on-1-year-certificates/. It states "Certificates that are not publicly trusted can still be recognized, up to a maximum validity of 825 days." Is this statement correct?
Please clarify whether private CAs are impacted?
Thanks