Apple Root Certificate Program

Program Requirements

Apple uses public key infrastructure (PKI) to secure and enhance the experience for Apple users. Apple products, including our web browser Safari and Mail.app, use a common store for root certificates. Apple requires root certification authorities to meet certain criteria, which include:

TLS server certificates issued on or after September 1, 2020 00:00GMT/UTC must not have a validity period greater than 398 days. Additional details can be found here.

Submission Process

To begin the submission process, e-mail certificate-authority-program@apple.com requesting inclusion of your root certificate. CA providers will be contacted if any additional information is required, and when consideration of the inclusion request is complete.

Root Acceptance

Apple accepts and removes root certificates as it deems appropriate in its sole discretion.