• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Apple Apologizes to Developers for its Mac App Store Certificate Issues


    Apple recently sent out a note to developers apologizing for last week’s Mac App Store app signing issue that ended up rendering certain applications inoperable. The Cupertino California company explained server-side fixes and offered app makers instructions on how to patch the software that was affected.

    To be more specific, Apple Developer Relations sent out letters addressing a problem that caused users to see a false “damaged” error when opening certain apps, which in some cases went as far as forcing a delete and re-download. Developer Donald Southard, Jr. released a copy of the note on Twitter recently.

    To summarize the key points, Apple mentioned that a planned Mac App Store signing certificate update was the cause of the problems from last week. Apple said the following regarding the matter specifically:

    In anticipation of the expiration of the old Mac App Store certificate, we issued a new certificate in September. The new certificate used the stronger SHA-2 hashing algorithm in accordance with current recommended industry practice, where the old certificate had used the SHA-1 hashing algorithm.
    Apple continued by stating that a Mac App Store caching issue stored outdated certificate info on users’ Macs, this explains why a full system restart or re-download from the Mac solved the error for some people. The problem will be addressed in the subsequent OS X update. This caching issue was compounded by apps that were running receipt validation code containing “very old versions” of OpenSSL that isn’t compatible with SHA-2 certificates. Apple ended up replacing the SHA-2 certificate with a SHA-1 certificate just this past Thursday.

    Since the fixes have been put into place, most of last week’s Mac App Store issues have all been resolved, though Apple is urging developers to check their code against its Receipt Validation Programming Guide and if necessary, resubmit updated apps to iTUnes Connect for expedited review.

    It’s nice to see Apple admits faults, resolves issues quickly and issues apologizes when issues arise, all of which was done relatively quickly as well.

    Source: Donald Southard Jr. (Twitter) via AppleInsider
    This article was originally published in forum thread: Apple Apologizes to Developers for its Mac App Store Certificate Issues started by Akshay Masand View original post