Closed dannyhertz closed 1 year ago
@dannyhertz ill take a look shortly, but I don't think I can do something here since I don't include any intermediate certificates. The library only includes the Apple root certificate and verifies that the chain of trust for the container’s signature matches the Apple Inc. Root Certificate.
Very sorry I didn’t respond sooner! Turns out it was an Apple issue. After the intermediate certs expired yesterday they seemed to still embed them in receipts (or at least sandbox ones) for many hours. After refreshing receipts for hours, they finally started validating! Sorry for the false alarm and appreciate the effort you put into this lib.
Receipt validation is now failing for anyone using this library as of February 7th. https://developer.apple.com/news/?id=ytb7qj0x.
Consistently getting
invalidCertificateChainOfTrust
when attempting validation.