PSA: Safari Will Reject Certificates > 398 Days Expiration

I’m spending a moment blogging about this because it will affect remaining Skype and Lync deployments out there, which aren’t going away any time soon. Apple announced that Safari will trust only certs within 398 days of issuance, effectively taking the maximum validity time down to a year. This was a unilateral decision on Apples part in an effort to increase security, and to an extent, it’s a decent decision despite the maintenance hassle. I expect other browsers to eventually follow suit so a heads up for anyone who manages certificates as part of their day to day.

Read more here: