On April 23, 2020 9:42 pm, Thomas Lamprecht wrote:
> On 4/23/20 1:59 PM, Fabian Grünbichler wrote:
>> On April 23, 2020 1:07 pm, Dominik Csapak wrote:
>>> LGTM
>>>
>>> maybe we should shorten the lifespan to 1 year already?
>>> according to [0], safari on macos will reject certs
>>> that are longer
On 4/23/20 1:59 PM, Fabian Grünbichler wrote:
> On April 23, 2020 1:07 pm, Dominik Csapak wrote:
>> LGTM
>>
>> maybe we should shorten the lifespan to 1 year already?
>> according to [0], safari on macos will reject certs
>> that are longer valid than 398 days, when issued on/after
>> 2020-09-01
>>
On April 23, 2020 1:07 pm, Dominik Csapak wrote:
> LGTM
>
> maybe we should shorten the lifespan to 1 year already?
> according to [0], safari on macos will reject certs
> that are longer valid than 398 days, when issued on/after
> 2020-09-01
>
> 0: https://support.apple.com/en-us/HT211025
>
fo
LGTM
maybe we should shorten the lifespan to 1 year already?
according to [0], safari on macos will reject certs
that are longer valid than 398 days, when issued on/after
2020-09-01
0: https://support.apple.com/en-us/HT211025
On 4/23/20 12:20 PM, Fabian Grünbichler wrote:
if our self-signed ce
if our self-signed certificate expires in more than 825 days, but was
created after July 2019 it won't be accepted by modern Apple devices. we
fixed the issuance to generate shorter-lived certificates in November
2019, this cleans up the existing ones to fix this and similar future
issues.
two yea