Damaged Mac App Store downloads

This afternoon I started getting reports from customers of my Mac App Store app -- Fetch -- that they are getting a message stating that the app is damaged, and to re-download it from the App Store. Opening the re-downloaded app yields the same message. I've reproduced the problem on my machines.


How do I contact the right people at Apple to let them know about this problem?

Replies

Use the 'Contact Us' tree via iTunes Connect, or call 'em up:



Apple Developer Relations:


(800) 633 2152

(408) 974 489

The issue comes from the fact that the certificate in the Mac App Store receipts has expired. Apple renewed it and apps are redownloading new receipts.


BUT: Apps that are linked with libcrypto.0.9.7 are failing to verify these new receipts and cannot be launched on customers' Macs. Apps linked to libcrypto.0.9.8 or CommonCrypto are not affected and should launch fine after redownloading a new receipt.

That's interesting. My app Fetch still won't launch, and it's linked to libcrypto.0.9.7. I have a call in to developer support.

Do you (anybody) have confirmation it is libcrypto0.9.7 vs. a new certificate? We static link against it and have apps failing. We've just tried a test build, using a testing Apple ID to sign in to get the receipt, and the app is NOT failing its certificate test. Of course Apple could be providing us with a compatible certificate while production gets an incompatible one...


So before we integrate a static version of 0.9.8 in, any confirmation this will fix it as we don't seem to be able to test?


Even if it does fix it how big will the flood of rebuilds to the MAS be?


And we've got customers still using old versions having not upgraded OS X for a while, we'll have to look at shipping builds to them directly...

Update: Our apps which static link against libcrypto0.9.7 are all confirmed working under 10.11 (after reboot), none appear to be working under 10.6. So the problem would not seem to be libcrypto0.9.7 per se.


Apple did get back and ask for some details, but have offered nothing yet.

We have different results: Linking against 0.9.7 makes PKCS7_verify fail with return code 0. Exchanging the lib with libcrypto0.9.8 with install_name_tool without altering anything else allows the app to verify the receipt. All tests were done on 10.11 with production receipts.

Before the November 11 MAS certificate expiration problem our MAS receipts were signed with sha1WithRSAEncryption. When the expired cert was replaced we started seeing receipts signed with sha256WithRSAEncryption. libcrypto.0.9.7 does not support that algorithm (support was added in 0.9.8), which explains why apps linked with 0.9.7 (like ours) could not verify receipts. But just now I downloaded a copy of Fetch from MAS that had a receipt signed with sha1WithRSAEncryption, just as they used to be, and that copy launches fine. So it seems that Apple has backed off the change from sha1WithRSAEncryption to sha256WithRSAEncryption, for which I'm very grateful.


It would be nice if Apple could make an official announcement about all of this, especially if they still plan to move to sha256WithRSAEncryption at some point.
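The post above attributes the failures to receipts moving from sha1WithRSAEncryption to sha256WithRSAEncryption. As an added example (not code from any poster or from Apple), this Python script walks a DER-encoded PKCS#7 blob and reports which of those algorithms it names; the function names and the sample blobs are constructed for illustration.

```python
# Added example (not from the thread): hash/signature OIDs named in a DER PKCS#7 blob.
KNOWN = {
    "1.3.14.3.2.26": "sha1",
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "2.16.840.1.101.3.4.2.1": "sha256",
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
}

def walk(der):  # yields (tag, value) for every TLV, descending into constructed ones
    i = 0
    while i < len(der):
        if len(der) - i < 2 or der[i + 1] == 0x80:
            raise ValueError("truncated header or BER indefinite length")
        tag, length, i = der[i], der[i + 1], i + 2
        if length & 0x80:  # long form: low 7 bits = count of length bytes
            n = length & 0x7F
            length, i = int.from_bytes(der[i:i + n], "big"), i + n
        if i + length > len(der):
            raise ValueError("truncated value")
        yield tag, der[i:i + length]
        if tag & 0x20:  # constructed: SEQUENCE, SET, [0], ...
            yield from walk(der[i:i + length])
        i += length

def decode_oid(value):
    subs, n = [], 0
    for b in value:  # base-128 sub-identifiers, high bit = "more bytes follow"
        n = (n << 7) | (b & 0x7F)
        if not b & 0x80:
            subs, n = subs + [n], 0
    first = min(subs[0] // 40, 2)  # first two arcs share one sub-identifier
    return ".".join(map(str, [first, subs[0] - 40 * first] + subs[1:]))

def receipt_algorithms(der):
    found = {decode_oid(v) for tag, v in walk(der) if tag == 0x06 and v}
    return sorted(KNOWN[o] for o in found if o in KNOWN)

def needs_sha256(der):  # True means a verifier without SHA-256 cannot check it
    return any(a.startswith("sha256") for a in receipt_algorithms(der))

# Constructed SignedData skeletons (not real receipts) to exercise the code.
def tlv(tag, *parts):  # short-form lengths only; every body here is < 128 bytes
    return bytes([tag, sum(map(len, parts))]) + b"".join(parts)

def sample(digest_hex, sig_hex):
    alg = lambda h: tlv(0x30, tlv(0x06, bytes.fromhex(h)), tlv(0x05))
    cert = tlv(0xA0, tlv(0x30, alg(sig_hex)))  # stand-in for the certificates field
    signed = tlv(0x30, tlv(0x02, b"\x01"), tlv(0x31, alg(digest_hex)), cert)
    return tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010702")), tlv(0xA0, signed))
```

To check a real download, pass the bytes of the app's `Contents/_MASReceipt/receipt` file to `receipt_algorithms`.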

All our tests on 10.11 and 10.6 done with binaries from MAS and with production receipts.


Maybe what Jim Matthews discovered, that Apple may have changed the certificate, explains the differences we are seeing.


The 10.6 situation is more confusing. The app we are testing is no longer 10.6 compatible from the MAS, we have an archived "virgin" MAS download.


That binary works on 10.11 (it first complains the developer isn't recognised, we're guessing because it has the now obsolete resource wrapper, but we just OK through that), the app exits 173 as it needs a receipt, OS X downloads a receipt, the app verifies it, and off it goes :-)


However on 10.6 the app doesn't launch after the OS downloads the receipt, on next launch the app fails to verify the receipt, exits 173, and the cycle starts again.


So exactly the same binary, statically linked to 0.9.7, works on 10.11 and fails on 10.6. Till this started our 10.6 customers have been happily using the same binary. We haven't dug deeper yet, but something different is happening on 10.6.


We will echo Jim's wish: Please Apple, make an official announcement of what has changed, and what may be planned to change. While we can spend time reverse engineering what you've done we should not have to and don't even know whether the target is stationary yet so any effort could be wasted.

Delete the app, sign out of the App Store, sign back in and download a new copy. Didn't work for me yesterday. But did work for me this afternoon. Apparently Apple has changed something. I didn't change anything about my app. It was compiled back in 2011. App startup seems slower now though.

I wonder if Apple would consider compensating us for refunds issued to customers during this outage? :-/

Well this does appear more involved than it looks, and Apple are still staying quiet :-(


We are testing the following simple situation: We have an app in the MAS which is no longer compatible with 10.6, but we have customers who still use an older version on 10.6. The ability to download old versions from the MAS is only available from 10.8, so these customers cannot re-download if they want to. To address this we keep a 10.6 compatible version that was downloaded from the MAS, when needed we ship this ZIP off to a customer, who unzips it, supplies their own Apple ID & password when prompted, and they're back working... until Nov 11 2015 this is :-(


Like everybody else these customers got a "app damaged" message.


In testing we download our 10.6 compatible ZIP, unpack, launch, get prompted for Apple ID & password, and... it fails. The app doesn't immediately launch, as usual after OS X has downloaded a receipt, and on next launch exits 173 and the cycle starts again.


We tried deleting the _MASReceipt, recopying the app, etc. but could we get it to go? Installing the exact same binary on 10.11, it works fine. So it's nothing to do with the statically linked libcrypto0.9.7.


Then we noticed that the receipt that is being installed on 10.6 is out of date - yes it prompts for the Apple ID & password, notes in the console log that it's written the receipt, and... it's the same old expires on Nov 15 receipt.... Where is it getting it from?


We've deleted all the store caches and preferences, rebooted too many times to count, etc., etc. but can we get this thing to go? No.


Another thought, the same binary installed on 10.11 works and gets an up-to-date receipt, what would happen if we copy that onto 10.6...


We get asked for the Apple ID & password - as expected, the receipt is from another machine - and...


It launches!!!


Yes, it now has an up-to-date receipt on 10.6.


So "all" we have to do is get our customers to copy the app to a newer machine, authorise it, copy it back, authorise it again, and Apple's Nov 15 event will fade in their memories...


At this point we're calling a halt for the moment, we've something that works. Here is hoping this helps someone out there, and if anyone gets a spark and figures out how to do it without involving a second machine with a newer OS X please post it!

hahahaha you must be very new to Apple.


During Apple's MAS fuckup '2012 we got hundreds of angry mails from angry customers who thought (and insisted on) that it was our issue and not Apple's MAS fuckup. Apple didn't even put up an apology.

We still have some customers that say they periodically get the damaged error message. Is there anything on our side that can be done to fix this, or is this just a perpetual issue with the Mac App Store?