Apple to Limit Accepted TLS Certificate Duration to One Year
This week Apple announced at the 49th CA/Browser Forum Face-to-Face that it will limit the term of accepted TLS certificates to 398 days as of September 1, 2020. Certificates issued on or after that date with term beyond 398 days will be distrusted in Apple products.
Certificates issued prior to September 1 will have the same acceptable duration as certificates do today, which is 825 days. Existing two-year certificates will operate correctly for their full duration. No action is required for these certificates. Two-year certificates, if renewed after August 31, 2020, will need to be renewed for one year to remain trusted in the Apple platform.
Note that customers of Sectigo's subscription SSL services will remain in compliance with Apple certificate trust requirements. The subscription service automates the issuance and delivery of individual SSL certificates each of which is one year in duration, even though the subscription service extends across multiple years.