Apple, Google, and Mozilla reduce the lifespan for HTTPS certificates to 398 days, against the wishes of Certificate Authorities. A decision that Apple unilaterally took in February 2020 has reverberated across the browser landscape and has effectively strong-armed the Certificate Authority industry into bitterly accepting a new default lifespan of 398 days for TLS certificates.

Following Apple’s initial announcement, Mozilla and Google have stated similar intentions to implement the same rule in their browsers.

Starting with September 1, 2020, browsers and devices from Apple, Google, and Mozilla will show errors for new TLS certificates that have a lifespan greater than 398 days.

Source: Apple strong-arms entire CA industry into one-year certificate lifespans | ZDNet

How does HTTPS work? What’s a CA? What’s a self-signed Certificate?






Download a Security Risk Assessment steps paper!

Download a vCISO template

Subscribe to DISC InfoSec blog by Email

Take an awareness quiz to test your basic cybersecurity knowledge

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles