But as the top comment says: The actual issue was that some developers used an old version of OpenSSL, which couldn't handle the SHA2 cert. Apple apparently "deprecated" their SHA1 cert and started to use an SHA2 cert. IIRC some apps were still working because they used the right OpenSSL version.
I guess Apple didn't communicate enough with the developers that they'll start using SHA2.
> I guess Apple didn't communicate enough with the developers that they'll start using SHA2.
Understatement of the year right there. Apple didn't communicate this at all. The first time anybody outside of Apple found out about this was when apps started failing to launch.
If Apple had merely told developers a month ahead of time, "Hey, we're switching to SHA-2 certificates, make sure your receipt validation code handles it," this whole thing could have been avoided.
In a crazy hypothetical world where Apple's app store team actually gives a shit about third party developers, they could have even tested SHA-2 certificates against the apps in the store, and directly contacted affected developers to tell them to get stuff fixed.
I guess Apple didn't communicate enough with the developers that they'll start using SHA2.