Apple Responds to Developers Regarding Expired Mac App Store Security Certificates

by

Last week some users and developers experienced an issue that displayed a "damaged" error when attempting to open select apps from the Mac App Store, including popular apps like 1Password, Tweetbot and Byword. Today, Apple has sent an email to developers explaining what happened and how to fix their apps.

CUDcjswUsAAiKe-
In the email, which developer Donald Southard Jr. shared on Twitter, Apple explains that the company issued a new security certificate for the Mac App Store in September in anticipation of the expiration of the old certificate. The new certificate used a stronger SHA-2 hashing algorithm instead of the old SHA-1 algorithm. Hashing algorithms are used by certificate authorities to sign security certificates.

However, two issues caused users to experience errors when starting up apps. The first issue, according to Apple, is that there was a caching issue with the Mac App Store that required users to restart their computers and re-authenticate with the Mac App Store to clear out the old cache. Apple says it's working on a fix for this in an upcoming OS X update. The other issue is that some apps were running an older version of OpenSSL that didn't support SHA-2. Apple says it replaced the SHA-2 certificate with a new SHA-1 certificate last Thursday night.

Finally, Apple says that "most of the issues are now resolved", but that some apps might still experience problems if the apps make "incorrect assumptions" about the Mac App Store's security certificates. Apple asks developers to make sure their code adheres to the Receipt Validation Programming Guide and to resubmit apps for expedited review if necessary. The AppleCare support team has also been briefed with the latest troubleshooting information for users.

Tag: Mac App Store

Popular Stories

Apple Wallet ID Illinois

Apple Plans to Expand iPhone Driver's Licenses to These 7 U.S. States

Wednesday December 24, 2025 8:40 am PST by
In select U.S. states, residents can add their driver's license or state ID to the Apple Wallet app on the iPhone and Apple Watch, and then use it to display proof of identity or age at select airports and businesses, and in select apps. The feature is currently available in 13 U.S. states and Puerto Rico, and it is expected to launch in at least seven more in the future. To set up the...
Read Full Article50 comments
iPhone Top Left Hole Punch Face ID Feature Purple

iPhone 18 Pro Launching Next Year With These 12 New Features

Tuesday December 23, 2025 8:36 am PST by
While the iPhone 18 Pro and iPhone 18 Pro Max are not expected to launch for another nine months, there are already plenty of rumors about the devices. Below, we have recapped 12 features rumored for the iPhone 18 Pro models. The same overall design is expected, with 6.3-inch and 6.9-inch display sizes, and a "plateau" housing three rear cameras Under-screen Face ID Front camera in...
Read Full Article98 comments
maxresdefault

Where's the New Apple TV?

Monday December 22, 2025 11:30 am PST by
Apple hasn't updated the Apple TV 4K since 2022, and 2025 was supposed to be the year that we got a refresh. There were rumors suggesting Apple would release the new Apple TV before the end of 2025, but it looks like that's not going to happen now. Subscribe to the MacRumors YouTube channel for more videos. Bloomberg's Mark Gurman said several times across 2024 and 2025 that Apple would...
Read Full Article176 comments
maxresdefault

10 Mac Apps Worth Trying in 2026

Wednesday December 24, 2025 9:27 am PST by
2026 is almost upon us, and a new year is a good time to try out some new apps. We've rounded up 10 excellent Mac apps that are worth checking out. Subscribe to the MacRumors YouTube channel for more videos. Alt-Tab (Free) - Alt-Tab brings a Windows-style alt + tab thumbnail preview option to the Mac. You can see a full window preview of open apps and app windows. One Thing (Free) -...
Read Full Article98 comments
iOS 26

iOS 26.2 Adds These 8 New Features to Your iPhone

Monday December 22, 2025 8:47 am PST by
Earlier this month, Apple released iOS 26.2, following more than a month of beta testing. It is a big update, with many new features and changes for iPhones. iOS 26.2 adds a Liquid Glass slider for the Lock Screen's clock, offline lyrics in Apple Music, and more. Below, we have highlighted a total of eight new features. Liquid Glass Slider on Lock Screen A new slider in the Lock...
Read Full Article
airpods color prototypes

Apple Tested AirPods in Bright Colors

Saturday December 27, 2025 6:06 am PST by
Apple reportedly tested a version of the first-generation AirPods with bright, iPhone 5c-like colored charging cases. The images, shared by the Apple leaker and prototype collector known as "Kosutami," claim to show first-generation AirPods prototypes with pink and yellow exterior casings. The interior of the charging case and the earbuds themselves remain white. They seem close to some...
Read Full Article61 comments
iPhone Fold Vertical Feature

Why Apple's Foldable iPhone May Be Smaller Than Expected

Tuesday December 23, 2025 5:21 am PST by
Apple's first foldable iPhone, rumored for release next year, may turn out to be smaller than most people imagine, if a recent report is anything to go by. According to The Information, the outer display on the book-style device will measure just 5.3 inches – that's smaller than the 5.4-inch screen on the ‌iPhone‌ mini, a line Apple discontinued in 2022 due to poor sales. The report has led ...
Read Full Article204 comments
Foldable iPhone 2023 Feature Iridescent Search

Samsung Developing 'Wide Fold' With iPhone Fold-Like Design Ahead of Apple's 2026 Launch

Tuesday December 23, 2025 11:55 am PST by
Samsung is working on a new foldable smartphone that's wider and shorter than the models that it's released before, according to Korean news site ETNews. The "Wide Fold" will compete with Apple's iPhone Fold that's set to launch in September 2026. Samsung's existing Galaxy Z Fold7 display is 6.5 inches when closed, and 8 inches when open, with a 21:9 aspect ratio when folded and a 20:18...
Read Full Article92 comments
iPhone SE Cosmopolitan Clean

Apple Discontinued These 25 Products This Year

Wednesday December 24, 2025 7:24 am PST by
With the end of 2025 near, the time has come to look back at the devices and accessories that Apple discontinued throughout the year. Most of the products that were discontinued this year were simply replaced by a new model with an updated chip. However, the iPhone SE line was entirely discontinued when the iPhone 16e launched, and the iPhone Plus line is being phased out. Below, we have...
Read Full Article13 comments

Top Rated Comments

Bubba Satori Avatar
Bubba Satori
132 months ago
With all the ills in the world, you have time to be this bothered about this. Consider that for a moment.
This is not illsintheworldRumors.
Consider that for a moment.
Score: 15 Votes (Like | Disagree)
Ankou_Sabat Avatar
Ankou_Sabat
132 months ago
Actually this response does nothing about a much larger issue on the App Store.

Take the Tweetbot issue which I had hit me. They had released a new version, Tweetbot 2.1.1, right before this issue happened on Oct 15. This updated version is incompatible with Mac OS Mavericks (10.09) so those running Mavericks were stuck with the previous version. This means that for all those running an OS older than 10.10, you're only able to run Tweetbot 1.6.2. If you go to the App Store and try to update it, or even re-download on such an older OS it explicitly tells you of the incompatibility and says that it will download the "old" version for compatibility.

That would be fine, except the old versions are still signed with the EXPIRED CERTIFICATE! So even if you follow the directions to "re-download the damaged app" it will refuse to run because the certificate signed is expired. So the only "fix" is to upgrade your OS to 10.10. Sure it can be argued to upgrade to the latest version, but there are quite a few instances where this is impossible to do and as such, Apple has just put an expiration date on older software preventing you from running it by linking it to this certificate and not providing developers a way to re-sign those submissions with an updated cert. Neither does the App Store itself provide such a facility.

So if by the current expiration date which I believe now is 2 years from now, if your computer is unable to be upgraded to current OS and the current version is unsupported on your system, then you are completely out of luck and stuck with no app that you paid for. This makes the "download old version" feature in the App Store completely flawed if they provide no way to back sign older provided version on the store front.
Score: 11 Votes (Like | Disagree)
sw1tcher Avatar
sw1tcher
132 months ago
Software is like that. It's always just about to fall down around our ears, except usually someone is there trying to stop that from happening. Sometimes there are screw ups.
Software purchased through the MAS is like that. From what I read, people who purchased the same software directly from the developer or through other means didn't have to deal with this nonsense.

In the good ol' days, prior to the existence of the MAS, online activation, and subscription services, I'd install a program and it would just work™ until it got replaced or the computer died.
Score: 9 Votes (Like | Disagree)
gijoeinla Avatar
gijoeinla
132 months ago
Did someone at Apple win a prize for drafting a note with the most use of "issues" in the first paragraph? How did this letter get by Apple PR?

If Apple normally does one thing well, it's strong apologies once they've completed an investigation into a problem. This letter is not that.

Yes let's tear apart the letter for next 30 posts shall we. Let's question Apples integrity over it.

Oh my god. Get over it!
Score: 7 Votes (Like | Disagree)
applerocks Avatar
applerocks
132 months ago
Did someone at Apple win a prize for drafting a note with the most use of "issues" in the first paragraph? How did this letter get by Apple PR?

If Apple normally does one thing well, it's strong apologies once they've completed an investigation into a problem. This letter is not that.
Score: 5 Votes (Like | Disagree)
alphaod Avatar
alphaod
132 months ago
Maybe it'll get some developers to finally update their apps.
Score: 5 Votes (Like | Disagree)
Read All Comments