Apple Mac Users Furious As Expired Security Certificate Breaks Mac Store Apps

13 November 2015, 2:56 am EST By Kyle Nofuente Tech Times
Who is Sebastian Kurz, the 31-year-old set to be the next Austrian Chancellor?
Apple's Mac App Store just squashed a bug but not before it caused a firestorm of outrage on the internet. An expired security certificate prevented apps purchased from the App Store from functioning properly, telling users to delete and reinstall the app.  ( Photo: Bart Naus | Flickr )

Apple's App Store choked when security certificates expired on a predetermined date and time of Nov. 11, 2015 at 9:58PM.

Security certificates are issued by the Mac App Store when apps are legally bought and paid for so they can run user's Macs. The certificates are also used to protect users from installing malware via Apple's developer credentials.

Unfortunately, someone at Cupertino forgot to update the ticking deadline for those security certificates. As a result, Apple's customers who tried to open apps they bought from the App Store after the deadline were told that their apps were "damaged and can't be opened" and were asked to delete the apps and download them again from the App Store. Naturally, tons of Apple's customers were outraged over the outage.

Popular apps like 1Password, Tweetbot, and DaisyDisk were affected because of the bug. In fact, it was a developer from Tweetbot's software house, Tapbots, who discovered the root of the issue. On Twitter, Paul Haddad, discovered the out-of-date security certificate on Wednesday night which had already expired earlier the same day.

"Whenever you download an app from the Mac App Store, the app provides a cryptographically-signed receipt. These receipts are signed with various certificates with different expiration dates. One of those is the 'Mac App Store Receipt Signing;' that expires every two years. That certificate expired on 'Nov 11 21:58:01 2015 GMT,' which caused most existing App Store receipts to no longer be considered valid," explains Haddad.

As fast as it could, Apple patched the bug by releasing an updated security certificate. Unfortunately, the company couldn't act quick enough as many of its users had already gone through the arduous process of deleting and redownloading their apps. Even then, some apps still wouldn't launch so users had to resort to re-entering their Apple account credentials - a very difficult thing to do especially if you have a Mac app like 1Password to create and remember all your passwords - and performing a reboot of their machines.

Developers like Haddad received the initial wave of backlash caused by Apple from customers who bought their app. Assuming the problem was caused by the app maker and not related to the Mac App store, Haddad and many others had a customer service nightmare to deal with. Unfortunately, Apple's updated security certificate is only good until Oct. 23, 2017, so the same problem may just pop up all over again two years from now.

Photo: Bart Naus | Flickr

© 2017 Tech Times, All rights reserved. Do not reproduce without permission.

From Our Sponsor

Entropia Universe Allows Players To Earn Real Cash In The Virtual World

Everything in Entropia Universe has real cash value, and the real estate, land and deeds that players invest in are actual investments. The game uses a micropayment system that allows players to buy Project Entropia Dollars (PED), which is used as in-game currency. With a click of a mouse, PED can also be withdrawn from the game and transferred to your bank account using an e-money/e-wallet service like Neteller e-wallet.
Real Time Analytics