Receipt validation locally

I finally succeeded in validating a receipt locally. "You can do it to."


Here's how I did it:

1) the video from WWDC - 05_preventing_unauthorized_purchases_with_receipts - was very helpful in figuring out where to put various files (but see #2 if you can't build your own OpenSSL)

2) there is an already-built version of OpenSSL available at http://receigen.etiemble.com/guides-openssl.html I used 1.0.1o.

I also had to add libcrypto.a in the target's Build Phases "Link Binary With Libraries" and

under the target's Build Settings/Search Paths/ Library Serach Paths I had to add the "lib" folder and

under the target's Build Settings/Search Paths/User Header Search Paths I had to add the "include" folder

3) there is a GREAT article on receipt validation at https://www.objc.io/issues/17-security/receipt-validation/ I used their CODE structure. (One error in the article's code; NSUUID *uuid should be NSUUID *identifier).

4) the Apple Certificate is at https://www.apple.com/certificateauthority/ I used the "Apple Inc. Root Certificate". I had to add it in the target's Build Phases "Copy Bundle Resources"

This whole process would be much simplier if Apple made available an OpenSSL build and the correct Apple Certificate, IMHO.

And the good news is that the receipt can also be used to copy a non-renewable subscription from one device to another device owned by the same user.

Good luck.