Earlier this week Mac App Store (MAS) apps, on launch, were showing up as "damaged" and couldn't be opened. The old MAS security certificate seemed to have expired and a new one, at first, didn't seem to be showing up. Here's my current understanding of what happened.
The old MAS certificate used SHA-1 (secure hash algorithm 1) cryptography. Before it expired, Apple issued a new certificate, but one using SHA-2 (secure hash algorithm 2). This was supposed to be transparent, but once the old certificate expired, some people began experiencing problems.
First, outdated certificate information was stuck in cache, which required some people to reboot or re-authenticate in order to clear it out.
Second, some apps are apparently using an old version of OpenSSL for receipt validation, and—you guessed it!—it doesn't support SHA-2, and hence isn't compatible with the new certificate.
SHA-2 support in OpenSSL has been kicking around since 2005, so it's really in everyone's best interests to use it.
In order to fix the current problem, Apple will need to roll back the MAS certificate to SHA-1 or developers will need to update their receipt validation to use OpenSSL that supports SHA-2. Obviously a roll back on Apple's side would be faster, a developer update better in the long run. Hopefully we'll get both.
UPDATE: Apple has rolled back to SHA-1.
Master your iPhone in minutes
iMore offers spot-on advice and guidance from our team of experts, with decades of Apple device experience to lean on. Learn more with iMore!
Rene Ritchie is one of the most respected Apple analysts in the business, reaching a combined audience of over 40 million readers a month. His YouTube channel, Vector, has over 90 thousand subscribers and 14 million views and his podcasts, including Debug, have been downloaded over 20 million times. He also regularly co-hosts MacBreak Weekly for the TWiT network and co-hosted CES Live! and Talk Mobile. Based in Montreal, Rene is a former director of product marketing, web developer, and graphic designer. He's authored several books and appeared on numerous television and radio segments to discuss Apple and the technology industry. When not working, he likes to cook, grapple, and spend time with his friends and family.