At the 49th CA/Browser Forum last week, Apple announced its decision to stop allowing HTTPS certificates on Safari which has more than 13 months validity. This decision will be implemented later this year. HTTPS certificates are used to ensure that your connection is safe and secure to any website. It is based on the latest TLS encryption standards.
Henceforth any certificate which is issued after September 1 and has a validity of more than 398 days is set to be rejected by Safari. When you visit any site with this certification you will be flashed a warning message. If you are a developer, understand that a website’s certificate issued prior to September 1 won’t be affected. Sites like GitHub and Microsoft which have a two year’s validity certificate will be rejected under Apple’s new rule. All these sites will be rejected if they get another 2-year certificate after August. Earlier, certificates with more than five years of validity were issued. In fact, the maximum cap was 825 days of validity.
This means that for end-users, sites being visited have the latest encryption and security standards for keeping data private. Michal Špaček, who is a security developer, notes that often browsers omit online certification checks to speed up a site’s loading time. Hence it is necessary to cap a certificate’s validity. However, when it comes to developers and owners of the site, their workload will get increased since they need to manage certificates. Many third-party certificate authorities provide multi-year certificates with auto-renewal tools. Critics say the move will increase reliance on many such companies which make personal hosting difficult.