Apple Drops Support for SHA-1 Certificates in macOS Catalina and iOS 13
In a new support document, Apple has indicated that macOS Catalina and iOS 13 drop support for TLS certificates signed with the SHA-1 hash algorithm, which is now considered to be insecure. SHA-2 is now required at a minimum.
Apple says all TLS server certificates must comply with these new security requirements in macOS Catalina and iOS 13:
- TLS server certificates and issuing CAs using RSA keys must use key sizes greater than or equal to 2048 bits. Certificates using RSA key sizes smaller than 2048 bits are no longer trusted for TLS.
- TLS server certificates and issuing CAs must use a hash algorithm from the SHA-2 family in the signature algorithm. SHA-1 signed certificates are no longer trusted for TLS.
- TLS server certificates must present the DNS name of the server in the Subject Alternative Name extension of the certificate. DNS names in the CommonName of a certificate are no longer trusted.
Effective immediately, any connections to TLS servers violating these new requirements will fail and may cause network failures, apps to fail, and websites to not load in Safari in macOS Catalina and iOS 13, according to Apple.
Google, Microsoft, and Mozilla all deprecated SHA-1 certificates in 2017.
Popular Stories
Apple's Worldwide Developers Conference (WWDC) starts today with the traditional keynote kicking things off at 10:00 a.m. Pacific Time. MacRumors is on hand for the event and we'll be sharing details and our thoughts throughout the day.
We're expecting to see a number of software-related announcements led by a design revamp across Apple's platforms that will also see the numbering of all of...
At today's WWDC 2025 keynote event, Apple unveiled a new design that will inform the next decade of iOS, iPadOS, and macOS development, so needless to say, it was a busy day. Apple also unveiled a ton of new features for the iPhone, an overhauled Spotlight interface for the Mac, and a ton of updates that make the iPad more like a Mac than ever before.
Subscribe to the MacRumors YouTube channel ...
Apple today announced a complete redesign of all of its major software platforms called "Liquid Glass."
Announced simultaneously for iOS, iPadOS, macOS, watchOS, tvOS, visionOS, and CarPlay, Liquid Glass forms a new universal design language for the first time. At its WWDC 2025 keynote address, Apple's software chief Craig Federighi said "Apple Silicon has become dramatically more powerful...
Apple today announced that iPadOS 26 will be compatible with the iPad models listed below.
iPadOS 26 features a new Liquid Glass design, a menu bar, improved app windowing, and more.
iPadOS 26 supports the following iPad models:iPad Pro (M4)
iPad Pro 12.9-inch (3rd generation and later)
iPad Pro 11-inch (1st generation and later)
iPad Air (M2 and later)
iPad Air (3rd generation and...
In 2020, Apple added a digital car key feature to its Wallet app, allowing users to lock, unlock, and start a compatible vehicle with an iPhone or Apple Watch. The feature is currently offered by select automakers, including Audi, BMW, Hyundai, Kia, Genesis, Mercedes-Benz, Volvo, and a handful of others, and it is set to expand further.
During its WWDC 2025 keynote today, Apple said that 13...
Apple at WWDC announced iOS 26, introducing a comprehensive visual redesign built around its new "Liquid Glass" concept, alongside expanded Apple Intelligence capabilities, updates to core communication apps, and more.
Liquid Glass is a translucent material that reflects and refracts surroundings to create dynamic, responsive interface elements, according to Apple. The new design language...
