No SHA-256 intermediate certificate for Sandbox, still SHA-1 signature

As indicated on the website below the sandbox should now have a SHA-256 signature for new purchases starting on June 20, 2023 for apps running in iOS 16.6 and higher.

I tried with iOS 17 beta, still getting a SHA-1 signed receipt. Has anybody managed to get a SHA-256 signed receipt?

TN3138: Handling App Store receipt signing certificate changes | Apple Developer Documentation

Post not yet marked as solved Up vote post of And0Austria Down vote post of And0Austria
1.4k views
Posted by
And0Austria
Reply

  • I'm trying to understand the same thing, how do you chethe signature of the receipt?

    iijjj

  • Me, too. I tried with iOS16.6 Beta, I got a SHA-1 signed receipt.

    eggkimi

  • Hi! I tried today with iOS 16.6 Beta (20G5070a), and got the new intermediate cert.

    mgabor

Replies

I still get the SHA-1 signed receipt, that's weird.

Posted by
And0Austria
Up vote reply of And0Austria Down vote reply of And0Austria
Add a Comment

I also only get SHA1 signed receipts. What's worse is that my recently published app update seems to fail for some users during IAP receipt validation, presumably due to my incorrect SHA256 handling. I'm not even able to reproduce this error in a sandbox environment!

Posted by
sergioko
Up vote reply of sergioko Down vote reply of sergioko
Add a Comment