Pixel Envy

Written by Nick Heer.

Apple Patches Mac App Store Certificate Bug

Philip Elmer-DeWitt, Fortune:

A security certificate Apple installed to protect users from malware had expired on Nov. 11, 21:58:01 GMT—precisely five years after its original creation—and nobody at Apple had thought to renew it.

The company fixed the problem — pushing through a new certificate that expires in 2035 — but not before breaking untold numbers of Mac apps and confusing and inconveniencing countless Mac owners.

So it’s fixed, right? All I have to do is just keep using my computer as normal?

The only way I could get Tweetbot working again was to log back into the App Store, remember my password, re-install something I had already bought and paid for, and re-boot my computer.

It’s not just Elmer-DeWitt who found that a reinstall was necessary — it’s the fix recommended by Jim Matthews, creator of Fetch:

If your copy of Fetch from the Mac App Store does not open, drag it to the trash, empty the trash, and download a fresh copy from the App Store.

For years, I’ve been recommending the use of Mac App Store apps wherever possible to friends and family: updating is easier and the security of the store gives those of lesser technical ability more confidence in trying new software.

This issue bites those people in the ass most. The warning dialog displayed after launching an app affected by this problem is vague and scary, and could give the impression that it’s the developer’s fault, not Apple’s.

If Apple cannot maintain the Mac App Store in even the most basic capacity, it’s time for them to get rid of it or turn it into a glorified Apple updater for their own software.

See Also: Michael Tsai’s excellent-as-usual roundup.