Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

If I install a self-signed certificate on my iPad with a validity period of 3 years, etc., does that mean that after 398 days, the certificate becomes invalid?

I read the article "About upcoming limits on trusted certificates." (support.apple.com/en-us/HT211025)

I am planning to install a certificate for SSL forward proxy issued by Firewall on my iPad for security check.

I would like to know if the certificate is no longer valid after 398 days if I make the certificate valid for more than 398 days.

iPad Pro (5th generation)

Posted on Mar 19, 2023 10:56 PM

Reply

Similar questions

4 replies

Mar 20, 2023 6:38 AM in response to ushiko-tomato

Re-read the article.


That lifetime limit does not apply here. Specifically, due to this detail: “This change will affect only TLS server certificates issued from the Root CAs preinstalled with iOS, iPadOS, macOS, watchOS, and tvOS.” A self-signed certificate or a local (private) certificate chain does not fall under that.


As for your question, any commercial cert with a lifetime past the specified limit is rejected.


If you want a ten-year or twenty-five-year self-signed cert, at least as far as Apple platforms are concerned, have at.


If you go that way, and for ease of private root renewal, I’d read up on the certificate serial number mechanism.

If I install a self-signed certificate on my iPad with a validity period of 3 years, etc., does that mean that after 398 days, the certificate becomes invalid?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.