Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

11.17.2015
Mac Developer: Mac App Store Receipt Signing - Certificate Expiration and Replacement

As described in many blogs and news outlets, the certificate that Apple servers were using to sign receipts for apps downloaded from the Mac App Store expired on 2015.11.11. There was an interim certificate that was used briefly for a few days. Ultimately, Apple issued a third certificate (expires 2023.02.27) which we can assume is going to be valid going forward.

For your testing purposes, I have extracted all three certificates, dumped their primary attributes with OpenSSL and bundled them into a disk image (password: 'macappstore') for your inspection and testing.

The original (SHA1) certificate:

CN=Mac App Store Receipt Signing
EXPIRES=Nov 11 21:58:01 2015 GMT
SHA1 Fingerprint=4A:7B:3A:17:00:A4:DA:4A:D4:EA:43:3A:83:61:43:2E:CF:1C:A1:AF

The interim and deprecated (SHA256) certificate:

CN=Mac App Store and iTunes Store Receipt Signing
EXPIRES: Oct 23 19:09:31 2017 GMT
SHA1 Fingerprint=15:0C:E7:C4:1F:13:8F:ED:97:3E:94:78:BD:60:29:7A:A8:CB:BC:3F

The current (SHA1) certificate:

CN=Mac App Store and iTunes Store Receipt Signing
EXPIRES= Feb 7 21:48:47 2023 GMT
SHA1 Fingerprint=27:E2:53:E3:28:97:D6:77:B9:C9:FF:CB:C2:E4:8B:CD:C3:FB:11:01

Labels: ,

By : Tighten Mac App Store Receipt Signing - Certificate Expiration and Replacement

0 Comments:

Post a Comment

[ Home ]

 

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2015
All Rights Reserved
Tighten Pro