Apple will no longer accept security certificates for Safari that are valid for over 13 months

Apple has made a major change to its web browser, Safari, that would increase the safety of the websites that users browse on its devices.

The company has decreased the validity time period of the SSL/TLS certificates issues for Safari. As a part of the changes, Apple will no longer issue SSL/TLS certificates for a period longer than 398 days or 13 months starting September 1, 2020.

However, all security certificates for Safari issued before September 1 will still be valid. This means that the SSL/TLS certificates issued for a period of up to 825 or 2.26 years before September 1 will remain valid. But the two-year long certificates if renewed after September 1 will be renewed just for a span of one year.

"Certificates issued prior to September 1 will have the same acceptable duration as certificates do today, which is 825 days. No action is required for these certificates," Tim Callan, a senior fellow at PKI and SSL management firm Sectigo, said in a statement to The Register.

So why should you care about it? Well, the answer is really simple. Shorter security certificates validity periods would make websites more secure as they would ensure that the web developers use the latest cryptographic standards for securing their websites. This in turn would make websites more secure against phishing attacks and malware attacks. Additionally, short-lived certificates would reduce the window of exposure in event of a security threat.

Simply said, shorter SSL/TLS certificates would ensure that users have a safer browsing experience on Safari and that they are better protected against malware attacks. Websites that don't comply with Apple's new norms will be flagged off by Safari to the users.