Apple's Safari will only trust certificates with a maximum validity of 398 days

Apple announced that Safari will only trust certificates with a validity of 398 days or less



On February 19th at CA/Browser Forum, Apple announced that from September 1st, 2020, Safari will only trust certificates with a validity of 398 days or less. It is important to clarify that certificates issued before that date are not affected and do not need to be replaced or modified. You can continue to issue 2-year certificates until August 31, 2020 and use them until their expiration date.

Short-lived certificates have been widely recognised for its ability to increase the security and guardianship of the SSL industry and internet users, regardless of the implications and impacts that it may have on customer' certificate management practices.

Taking this into account, SSL247 have responded to the upcoming changes. We are continuously looking for solutions for our customers therefore, we have already introduced multi-year certificates (up to 6-years) by our partners, foreseeing the impending new policies in regards to shortening certificate duration that may come into effect.

Our objective with offering multi-year certificates is to save our customers' time, have exclusive access to savings, and provide flexibility. As certificates move towards shorter certificate durations, automation is a major priority. Multi-year certificates have the ability to automate entire lifecyles up to 6-years, keeping our customers' businesses running smoothly. This allows our customers to avoid manual updates and giving our customers time to do what they need to do than spend time on managing certificates.

Alongside multi-year certificates, SSL247 have also have PKI solutions. For companies with broad web environments, the lifecycle management process for each SSL certificate can often lead to manual errors or misconfiguration due to unexpected expirations. PKI reduces the risk for these events to happen by providing a full certificate lifecycle management for all of the company's online assets. In a world where companies need to deal with more certificates whether on their IoT devices or digital services, having a public key infrastructure (PKI) is invaluable to all businesses wanting to simplify their certificates management.

With Apple's latest news, it will not be long till other major browsers follow suit and emulate changes to trusting certificates with validity of certificate with more than a year's duration. SSL247 are always proactively looking to support and innovatively find solutions for our customers with changes in the cybersecurity industry.

If you have any questions on shortening certificate lifecyle, or would like more information on multi-year certificates, please feel free to call one of our friendly consultants or reach out to your account manager.

Share this:

Posted on Monday 24 February 2020 by Sayeeda Miah

Return to blog

Send us your comments


Your comment will not be published. If you have a question, do not forget to write your email address so that we can get back to you!