Apple Responds to Developers Regarding Expired Mac App Store Security Certificates

Last week some users and developers experienced an issue that displayed a "damaged" error when attempting to open select apps from the Mac App Store, including popular apps like 1Password, Tweetbot and Byword. Today, Apple has sent an email to developers explaining what happened and how to fix their apps.

CUDcjswUsAAiKe-
In the email, which developer Donald Southard Jr. shared on Twitter, Apple explains that the company issued a new security certificate for the Mac App Store in September in anticipation of the expiration of the old certificate. The new certificate used a stronger SHA-2 hashing algorithm instead of the old SHA-1 algorithm. Hashing algorithms are used by certificate authorities to sign security certificates.

However, two issues caused users to experience errors when starting up apps. The first issue, according to Apple, is that there was a caching issue with the Mac App Store that required users to restart their computers and re-authenticate with the Mac App Store to clear out the old cache. Apple says it's working on a fix for this in an upcoming OS X update. The other issue is that some apps were running an older version of OpenSSL that didn't support SHA-2. Apple says it replaced the SHA-2 certificate with a new SHA-1 certificate last Thursday night.

Finally, Apple says that "most of the issues are now resolved", but that some apps might still experience problems if the apps make "incorrect assumptions" about the Mac App Store's security certificates. Apple asks developers to make sure their code adheres to the Receipt Validation Programming Guide and to resubmit apps for expedited review if necessary. The AppleCare support team has also been briefed with the latest troubleshooting information for users.

Popular Stories

maxresdefault

No iOS 19: Apple Going Straight to iOS 26

Wednesday May 28, 2025 11:56 am PDT by
With the design overhaul that's coming this year, Apple plans to rename all of its operating systems, reports Bloomberg. Going forward, iOS, iPadOS, macOS, tvOS, watchOS, and visionOS will be identified by year, rather than by version number. We're not going to be getting iOS 19, we're getting iOS 26. Subscribe to the MacRumors YouTube channel for more videos. iOS 26 will be accompanied by...
iPhone 17 Pro Blue Feature Tighter Crop

iPhone 17 Pro Launching Later This Year With These 12 New Features

Tuesday May 27, 2025 9:10 am PDT by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models as of May 2025: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone X ...
28 years later iphone 1

Filmmakers Used 20 iPhones at Once to Shoot '28 Years Later'

Friday May 30, 2025 7:27 am PDT by
Sony today provided a closer look at the iPhone rigs used to shoot the upcoming post-apocalyptic British horror movie "28 Years Later" (via IGN). With a budget of $75 million, Danny Boyle's 28 Years Later will become the first major blockbuster movie to be shot on iPhone. 28 Years Later is the sequel to "28 Days Later" (2002) and "28 Weeks Later" (2007), which depict the aftermath of a...
Generic iPhone 17 Feature With Full Width Dynamic Island

iPhone 17 Display Sizes: What to Expect

Thursday May 29, 2025 11:38 am PDT by
Apple's iPhone 17 lineup will include four iPhones, and two of those are going to get all-new display sizes. There's the iPhone 17 Air, which we've heard about several times, but the standard iPhone 17 is also going to have a different display size. We've heard a bit about the updated size before, but with most rumors focusing on the iPhone 17 Air, it's easy to forget. Display analyst Ross...
macOS 26 visionOS Inspired Feature

macOS 26 Rumored to Drop Support for These Five Macs

Thursday May 29, 2025 5:31 am PDT by
The next major version of macOS, now dubbed "macOS 26," is rumored to drop support for several older Intel-based Mac models currently compatible with macOS Sequoia. According to individuals familiar with the matter cited by AppleInsider, the following Macs will not be supported by the next version of macOS: MacBook Pro (2018) iMac (2019) iMac Pro (2017) Mac mini (2018) MacB...
iOS 26 Mock Rainbow Feature

With iOS 18 Jumping to iOS 26, Will Apple Renumber iPhones Too?

Thursday May 29, 2025 1:59 pm PDT by
With the next-generation version of iOS and other 2025 software updates, Apple is planning to change its numbering scheme. Rather than iOS 19, which would logically follow iOS 18, Apple is instead going to call the update iOS 26. Apple plans to use 26 across all of its platforms (the number representing the upcoming year), which will presumably be less confusing than having iOS 19, macOS 16,...
iOS 19 visionOS UI Elements

6 visionOS-Inspired Design Elements Coming to iOS 26

Friday May 30, 2025 3:26 pm PDT by
With iOS 26, macOS 26, tvOS 26, and watchOS 26, Apple is planning to debut a new design that's been described as taking inspiration from visionOS, the newest operating system. With WWDC coming up soon, we thought we'd take a closer look at visionOS and some of the design details that Apple might adopt based on current rumors and leaked information. 1. Translucency Inside Apple, the iOS 26...
iphone 16 teal

iPhone 17 Base Model Now Said to Feature A18 Chip and 8GB of RAM

Friday May 30, 2025 11:07 am PDT by
The latest rumored specs for the iPhone 17 base model are underwhelming. In a research note with equity research firm GF Securities this month, Apple analyst Jeff Pu said that the lowest-end iPhone 17 model will be equipped with the same A18 chip that is used in the iPhone 16 base model. The chip will continue to be manufactured with TSMC's second-generation 3nm process, known as N3E, he...

Top Rated Comments

Bubba Satori Avatar
125 months ago
With all the ills in the world, you have time to be this bothered about this. Consider that for a moment.
This is not illsintheworldRumors.
Consider that for a moment.
Score: 15 Votes (Like | Disagree)
Ankou_Sabat Avatar
125 months ago
Actually this response does nothing about a much larger issue on the App Store.

Take the Tweetbot issue which I had hit me. They had released a new version, Tweetbot 2.1.1, right before this issue happened on Oct 15. This updated version is incompatible with Mac OS Mavericks (10.09) so those running Mavericks were stuck with the previous version. This means that for all those running an OS older than 10.10, you're only able to run Tweetbot 1.6.2. If you go to the App Store and try to update it, or even re-download on such an older OS it explicitly tells you of the incompatibility and says that it will download the "old" version for compatibility.

That would be fine, except the old versions are still signed with the EXPIRED CERTIFICATE! So even if you follow the directions to "re-download the damaged app" it will refuse to run because the certificate signed is expired. So the only "fix" is to upgrade your OS to 10.10. Sure it can be argued to upgrade to the latest version, but there are quite a few instances where this is impossible to do and as such, Apple has just put an expiration date on older software preventing you from running it by linking it to this certificate and not providing developers a way to re-sign those submissions with an updated cert. Neither does the App Store itself provide such a facility.

So if by the current expiration date which I believe now is 2 years from now, if your computer is unable to be upgraded to current OS and the current version is unsupported on your system, then you are completely out of luck and stuck with no app that you paid for. This makes the "download old version" feature in the App Store completely flawed if they provide no way to back sign older provided version on the store front.
Score: 11 Votes (Like | Disagree)
sw1tcher Avatar
125 months ago
Software is like that. It's always just about to fall down around our ears, except usually someone is there trying to stop that from happening. Sometimes there are screw ups.
Software purchased through the MAS is like that. From what I read, people who purchased the same software directly from the developer or through other means didn't have to deal with this nonsense.

In the good ol' days, prior to the existence of the MAS, online activation, and subscription services, I'd install a program and it would just work™ until it got replaced or the computer died.
Score: 9 Votes (Like | Disagree)
gijoeinla Avatar
125 months ago
Did someone at Apple win a prize for drafting a note with the most use of "issues" in the first paragraph? How did this letter get by Apple PR?

If Apple normally does one thing well, it's strong apologies once they've completed an investigation into a problem. This letter is not that.

Yes let's tear apart the letter for next 30 posts shall we. Let's question Apples integrity over it.

Oh my god. Get over it!
Score: 7 Votes (Like | Disagree)
applerocks Avatar
125 months ago
Did someone at Apple win a prize for drafting a note with the most use of "issues" in the first paragraph? How did this letter get by Apple PR?

If Apple normally does one thing well, it's strong apologies once they've completed an investigation into a problem. This letter is not that.
Score: 5 Votes (Like | Disagree)
alphaod Avatar
125 months ago
Maybe it'll get some developers to finally update their apps.
Score: 5 Votes (Like | Disagree)