Safari to reject HTTPS certificates with over thirteen months validity

article thumbnail

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

Apple places a hard cap of 398 days on certificate validity lengths, hoping to bolster safer, more secure browsing.

Apple has announced that starting on September 1, Safari will reject any website that hosts an HTTPS certificate with more than 398 days of validity. Certificates issued before September 1 will not be subject to the change until the date of their next certificate renewal.

HTTPS certificates are designed to make sure that your connection to a website is safe and secure. If you visit a site with a rejected certificate, you'll see a privacy warning.

For the average user, this shift ensures that you're only interacting with sites that have the latest encryption and security standards. Keeping up with security standards is highly critical for websites that manage the health and financial information of their users.

The announcement took place at the 49th CA/Browser Forum, a voluntary consortium of certification authorities, according to The Next Web.

Certificate authorities routinely would issue certificates that were valid for up to five years but had reduced it to just over two years in 2017.