Be ready for the Certificate 398-Day Browser Limit
From September 1, 2020, SSL/TLS Certificates will have a maximum lifetime of 398 days. Certificates with longer lifetime can be blocked and your services unreachable.
Both Apple and Google has done public announcements that the limit will be implemented September 1.
“TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC must not have a validity period greater than 398 days.
This change will affect only TLS server certificates issued from the Root CAs preinstalled with iOS, iPadOS, macOS, watchOS, and tvOS”
https://support.apple.com/en-us/HT211025
“Beginning with Chrome 85, TLS server certificates issued on or after 2020-09-01 00:00:00 UTC will be required to have a validity period of 398 days or less. This will only apply to TLS server certificates from CAs that are trusted in a default installation of Google Chrome, commonly known as “publicly trusted CAs”, and will not apply to locally-operated CAs that have been manually configured.”
https://chromium.googlesource.com/chromium/src/+/master/net/docs/certificate_lifetimes.md
As you can see, it will not affect your already existing certificates or your own Private CA. But from now on, the recommendation is to use less than 398 days also on these solutions.
About The Author
