Apple is implementing additional security requirements for all SSL/TLS certificates that by design impact private SSL/TLS certificates. See Apple's new compliance requirements for Private SSL certificates.
If Apple iOS and macOS trust is required for your private SSL/TLS certificates, you'll want to make sure your newly issued private TLS/SSL certificates meet the new requirements automatically.
We recommend configuring your private TLS certificate products settings at the account level. This helps prevent someone in your account from issuing a private SSL certificate not trusted by Apple's iOS 13 and macOS 10.15.
In your CertCentral account, in the sidebar menu, click Settings > Product Settings.
On the Product Settings page, uncheck Configure products by role.
For accounts with multiple divisions, in the For dropdown, select the top-level division.
In the Product column, select Private SSL.
In the Product Settings column, in the Private SSL settings, in the Allowed Validity Periods box, select one or both of these validity periods:
In the Allowed Signature Hashes box, select one or more of these signature hashes:
Repeat these steps for each private SSL certificate product enabled for your account (e.g., Private Multi-Domain SSL).
The next time an account user orders a Private SSL certificate, they will only see the selected validity period options and selected signature hash options on the order form.
DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.
©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.