User profile for user: ICTSupportGuy
ICTSupportGuy Author
User level: Level 1
8 points

Does Apple's upcoming 1 year/825 day certificate limit apply to certificates issued from private Certificate Authorities?

Hi,

Apple's certificate documentation implies that the changes only apply to public CAs, as below.

https://support.apple.com/en-us/HT211025


"This change will not affect certificates issued from user-added or administrator-added Root CAs.

This change will affect only TLS server certificates issued from the Root CAs preinstalled with iOS, iPadOS, macOS, watchOS, and tvOS"


However, reading 3rd party websites imply the changes will impact private CA's as well:


https://www.digicert.com/position-on-1-year-certificates/. It states "Certificates that are not publicly trusted can still be recognized, up to a maximum validity of 825 days." Is this statement correct?


Please clarify whether private CAs are impacted?

Thanks

Posted on Apr 30, 2020 8:14 AM

Reply

Similar questions

3 replies

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Does Apple's upcoming 1 year/825 day certificate limit apply to certificates issued from private Certificate Authorities?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up