[Cialug] Safari Accepting Long-Lived Certificates?
Todd Walton
tdwalton at gmail.com
Tue Nov 3 14:42:38 UTC 2020
On Mon, Nov 2, 2020 at 9:24 AM Chris Conmy <cconmy at gmail.com> wrote:
> You can find the information from Apple here:
> https://support.apple.com/en-us/HT211025
Thank you! So I guess that did go into effect.
Some bits I got sorted out in my head:
1) As you said, Chris, it only applies to certs issued after the change,
i.e. after September 1st
2) It only applies to certs issued by CAs in the OSs root store (which I
assume Safari uses)
3) If a cert is valid for longer than 398 days, it's rejected even before
the first year is up
--
Todd
More information about the Cialug
mailing list