[cisco-voip] certificate renewals - 1 year only - due to Apple changes

Lelio Fulgenzi lelio at uoguelph.ca
Wed Mar 4 12:52:06 EST 2020


So, we've gotten word that Apple is thinking of "accepting/trusting" only certs that are 13 months old or less.

https://www.theregister.co.uk/2020/02/20/apple_shorter_cert_lifetime/

This is a bit of a drag on Jabber deployments due to so many certs being needed.

>From what I've seen, only Expressway supports auto-renew like let's encrypt.

>From the article, it seems:

"Certificates issued prior to September 1 will have the same acceptable duration as certificates do today, which is 825 days. No action is required for these certificates."

I'm guessing it if says Safari, it's any cert used by an apple device, since the safari engine is used throughout, right?

We're planning on renewing soon, so we should be good to go with 2 years.

But the future?

What are others planning on doing?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 12786 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20200304/ca0a8c32/attachment.bin>


More information about the cisco-voip mailing list