Some Mac App Store Apps 'Damaged' Due to Expired Security Certificate

A growing number of MacRumors readers and Twitter users have been experiencing an issue with some Mac App Store apps displaying a "damaged" error when opened since late Wednesday. The issue has affected popular apps such as 1Password, Acorn, Byword, DaisyDisk and Tweetbot.

Mac App Store apps with a "damaged" error (Image: Graham/Twitter)
Mac users are prompted with this error message when opening Mac App Store apps:

“App Name” is damaged and can’t be opened. Delete “App Name” and download it again from the App Store.

Tweetbot developer Paul Haddad tweeted that the issue appears to be related to security certificates that expired on November 11, 2015, and he further speculated that the receipts now using SHA256 encryption may be causing problems with older OS X versions.

Wonder if the receipt now being SHA256 is causing problems with old OS versions? pic.twitter.com/ozOssXWlBR — Paul Haddad (@tapbot_paul) November 12, 2015

The issue, however, also appears to affect some users running OS X El Capitan, leading Haddad to believe that Mac App Store apps contacting Apple's servers simultaneously may be causing a "self inflicted DDOS on Apple’s receipt generation service."

Haddad says that rebooting your Mac on OS X 10.10 or later may resolve the issue, while some users have been forced to reinstall apps from the Mac App Store, disconnect from and reopen the Mac App Store or simply reenter their Apple ID password.

It appears that Apple has since set a new 2035 expiration date for the security certificates, per The Guardian, at least some for apps, but the issues are persisting for some. Apple did not respond to request for comment.

Update: Rene Ritchie at iMore has further explained what's causing Mac apps to report as "damaged" and what can be done about it.