Last week, at the 49th CA/Browser Forum, a voluntary consortium of certification authorities, Apple announced that it’ll stop allowing HTTPS certificates on Safari with more than 13 months of validity, later this year.

Any certificate issued after September 1, with more than 398 days of validity, will be rejected by Apple‘s browser.

However, as a developer, if your website’s certificate was issued prior to September 1, you won’t be affected.

As the Register noted, sites like GitHub and Microsoft have certificates with two-year validity.

Under Apple’s new rule, these sites will be rejected if these companies will get another two-year certificate after August.

Earlier, certificate authorities used to issue certificates with more than five years of validity.

In 2017, the maximum cap of validity was reduced to 825 days!

Some third-party certificate authorities such as Let’s Encrypt provide multi-year certificates with auto-renewal tools.