Apple Responds to Developers Regarding Expired Mac App Store Security Certificates

Last week some users and developers experienced an issue that displayed a "damaged" error when attempting to open select apps from the Mac App Store, including popular apps like 1Password, Tweetbot and Byword. Today, Apple has sent an email to developers explaining what happened and how to fix their apps.

CUDcjswUsAAiKe-
In the email, which developer Donald Southard Jr. shared on Twitter, Apple explains that the company issued a new security certificate for the Mac App Store in September in anticipation of the expiration of the old certificate. The new certificate used a stronger SHA-2 hashing algorithm instead of the old SHA-1 algorithm. Hashing algorithms are used by certificate authorities to sign security certificates.

However, two issues caused users to experience errors when starting up apps. The first issue, according to Apple, is that there was a caching issue with the Mac App Store that required users to restart their computers and re-authenticate with the Mac App Store to clear out the old cache. Apple says it's working on a fix for this in an upcoming OS X update. The other issue is that some apps were running an older version of OpenSSL that didn't support SHA-2. Apple says it replaced the SHA-2 certificate with a new SHA-1 certificate last Thursday night.

Finally, Apple says that "most of the issues are now resolved", but that some apps might still experience problems if the apps make "incorrect assumptions" about the Mac App Store's security certificates. Apple asks developers to make sure their code adheres to the Receipt Validation Programming Guide and to resubmit apps for expedited review if necessary. The AppleCare support team has also been briefed with the latest troubleshooting information for users.

Popular Stories

New Things Your iPhone Can Do in iOS 18

18 New Things Your iPhone Can Do in iOS 18.2

Wednesday November 27, 2024 5:05 am PST by
Apple is set to release iOS 18.2 in early December, bringing the second round of Apple Intelligence features to iPhone 15 Pro and iPhone 16 models. This update brings several major advancements to Apple's AI integration, including completely new image generation tools and a range of Visual Intelligence-based enhancements. There are a handful of new non-AI related feature controls incoming as...
Whatsapp Feature

WhatsApp to Drop Support for These iPhones Starting May 2025

Monday December 2, 2024 2:57 am PST by
WhatsApp is set to end support for iOS versions older than iOS 15.1 from May next year, removing the chat platform's compatibility with several iPhone models in the process. From May 5, 2025, WhatsApp will no longer be compatible with iPhone 5s, iPhone 6, and iPhone 6 Plus models. Users with those devices won't be able to access the encrypted chat service after the specified date unless they ...
Apple AI Command Center Concept Mock 3

Apple Expected to Launch This All-New Device Next Year

Wednesday November 27, 2024 1:05 pm PST by
Apple is expected to kick off 2025 by launching an all-new smart home hub, also referred to as a "command center," as early as March. The hub is expected to feature around a six-inch display that can be attached to a tabletop base with a speaker, or mounted on a wall. The device is said to run a new "homeOS" operating system with a customizable widget-focused home screen, and it is expected...
iphone 16 pro models 1

12 Reasons to Wait for Next Year's iPhone 17

Friday November 29, 2024 5:17 am PST by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models simultaneously, which is why we sometimes get rumored feature leaks so far ahead of launch. The iPhone 17 series is no different – already we have some idea of what to expect from Apple's 2025 smartphone lineup. If you plan to skip...
airpods pro 2 gradient

AirPods Pro 3 Expected Next Year: Here's What We Know

Thursday November 28, 2024 3:30 am PST by
Despite being released over two years ago, Apple's AirPods Pro 2 continue to dominate the wireless earbud market. However, with the AirPods Pro 3 expected to launch sometime in 2025, anyone thinking of buying Apple's premium earbuds may be wondering if the next generation is worth holding out for. Apart from their audio and noise-canceling performance, which are generally regarded as...
Cyber Monday Deals Feature 2022

Apple Cyber Week Deals Available Now: AirPods, iPads, and More

Sunday December 1, 2024 7:52 am PST by
Although Black Friday has ended, Cyber Week is here and you can find great deals on numerous Apple devices right now. This includes big savings on AirPods, Apple Watch, MacBook Air, iPad, and more. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running. Specifically,...
iPhone 17 Pro Dual Tone Rectangle Feature 1

iPhone 17 Pro Already Rumored to Have These 8 New Features

Wednesday November 27, 2024 12:19 pm PST by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch for 10 more months, there are already plenty of rumors about the devices. An imaginative iPhone 17 Pro concept based on rumors Below, we recap key changes rumored for the iPhone 17 Pro models so far: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro ...
maxresdefault

The MacRumors Show: iPhone 17 Designs Revealed!

Friday November 29, 2024 9:34 am PST by
On this week's episode of The MacRumors Show, we discuss the recently leaked design of the iPhone 17 "Air" and iPhone 17 Pro. Subscribe to The MacRumors Show YouTube channel for more videos Earlier this week, a report from The Information's Wayne Ma revealed that the iPhone 17 Air will have a thickness of between 5mm and 6mm, which would make it the thinnest iPhone ever. In comparison, iPhone ...

Top Rated Comments

Bubba Satori Avatar
118 months ago
With all the ills in the world, you have time to be this bothered about this. Consider that for a moment.
This is not illsintheworldRumors.
Consider that for a moment.
Score: 15 Votes (Like | Disagree)
Ankou_Sabat Avatar
118 months ago
Actually this response does nothing about a much larger issue on the App Store.

Take the Tweetbot issue which I had hit me. They had released a new version, Tweetbot 2.1.1, right before this issue happened on Oct 15. This updated version is incompatible with Mac OS Mavericks (10.09) so those running Mavericks were stuck with the previous version. This means that for all those running an OS older than 10.10, you're only able to run Tweetbot 1.6.2. If you go to the App Store and try to update it, or even re-download on such an older OS it explicitly tells you of the incompatibility and says that it will download the "old" version for compatibility.

That would be fine, except the old versions are still signed with the EXPIRED CERTIFICATE! So even if you follow the directions to "re-download the damaged app" it will refuse to run because the certificate signed is expired. So the only "fix" is to upgrade your OS to 10.10. Sure it can be argued to upgrade to the latest version, but there are quite a few instances where this is impossible to do and as such, Apple has just put an expiration date on older software preventing you from running it by linking it to this certificate and not providing developers a way to re-sign those submissions with an updated cert. Neither does the App Store itself provide such a facility.

So if by the current expiration date which I believe now is 2 years from now, if your computer is unable to be upgraded to current OS and the current version is unsupported on your system, then you are completely out of luck and stuck with no app that you paid for. This makes the "download old version" feature in the App Store completely flawed if they provide no way to back sign older provided version on the store front.
Score: 11 Votes (Like | Disagree)
sw1tcher Avatar
118 months ago
Software is like that. It's always just about to fall down around our ears, except usually someone is there trying to stop that from happening. Sometimes there are screw ups.
Software purchased through the MAS is like that. From what I read, people who purchased the same software directly from the developer or through other means didn't have to deal with this nonsense.

In the good ol' days, prior to the existence of the MAS, online activation, and subscription services, I'd install a program and it would just work™ until it got replaced or the computer died.
Score: 9 Votes (Like | Disagree)
gijoeinla Avatar
118 months ago
Did someone at Apple win a prize for drafting a note with the most use of "issues" in the first paragraph? How did this letter get by Apple PR?

If Apple normally does one thing well, it's strong apologies once they've completed an investigation into a problem. This letter is not that.

Yes let's tear apart the letter for next 30 posts shall we. Let's question Apples integrity over it.

Oh my god. Get over it!
Score: 7 Votes (Like | Disagree)
applerocks Avatar
118 months ago
Did someone at Apple win a prize for drafting a note with the most use of "issues" in the first paragraph? How did this letter get by Apple PR?

If Apple normally does one thing well, it's strong apologies once they've completed an investigation into a problem. This letter is not that.
Score: 5 Votes (Like | Disagree)
alphaod Avatar
118 months ago
Maybe it'll get some developers to finally update their apps.
Score: 5 Votes (Like | Disagree)