Tell HN: Apple development certificate server seems down?

Posted by strongpigeon 5 hours ago

Counter54Comment23OpenOriginal

I don't see anything on https://developer.apple.com/system-status/, but I haven't been able to install apps for development on my own devices starting at 11AM PDT.

Other people on Reddit seem to be hitting this too [0]. Anyone knows anything about it?

[0]: https://www.reddit.com/r/iOSProgramming/comments/1rq4uxl

Edit: Now getting intermittent 502s from https://ppq.apple.com/. Something is definitely going on.

Comments

Comment by xutopia 5 hours ago

For those wondering why this is a big deal it means that every developers attempting to run a development version of an iPhone, iPad or MacOS app cannot run their apps right now.

This is worse than Github being down and Apple Developers who pay 99$ a year for the privilege of writing software on this ecosystem aren't event getting a status page update: https://developer.apple.com/system-status/

Comment by andyvanosdale 1 hour ago

It's definitely not worse than GitHub being down...

Comment by _heimdall 41 minutes ago

Depends on your priorities. Many developers don't pay for github access, and no one pays github 15-30% of gross sales.

Comment by Brian_K_White 17 minutes ago

And a lot more people use github for something at all and don't use Apple for anything at all.

The entire Apple universe is smaller than the world or even just the github part of the world, and the Apple developer universe is a tiny fraction of even just the Apple universe.

Comment by ToucanLoucan 4 hours ago

Can confirm. Spent over an hour trying to figure out why I couldn't build to devices just to get frustrated, browse to HN, and here we are.

I'm looking for a job shoveling pig shit as we speak.

What genuinely pisses me off is that this isn't noted on their status page, nor is it indicated at all when you, I dunno, revoke and generate certs repeatedly trying to solve a problem you didn't fucking cause.

Comment by monero-xmr 45 minutes ago

[dead]

Comment by ollin 54 minutes ago

Here was the developer thread https://developer.apple.com/forums/thread/818403 I found with lots of other reports of "Unable to Verify App - An internet connection is required to verify the trust of the developer".

Although https://developer.apple.com/system-status/ was green for most of the 3-4 hour outage, the page now at least acknowledges two minutes of downtime:

    App Store Connect - Resolved Outage
    Today, 12:04 AM - 12:06 AM
    All users were affected
    Users experienced a problem with this service.
Not a great developer experience.

Comment by gt565k 5 hours ago

Enterprise apps distributed via MDM & signed using in-house distribution certificates are dead in the water too with the error message "Unable to Verify App" showing on start-up.

Apple's status page is showing no problems (all green).

This is a really bad look for Apple.

Comment by 1 hour ago

Comment by strongpigeon 5 hours ago

I'm getting invalid certificates from https://ppq.apple.com. I think that's probably the root cause?

Comment by gt565k 5 hours ago

Hilarious... their provisioning profile query server has an expired SSL certificate?

Are you serious Apple?

Comment by strongpigeon 5 hours ago

It doesn't look expired per se:

  Issued On Wednesday, January 21, 2026 at 9:47:41 AM
  Expires On Wednesday, February 17, 2027 at 10:28:16 AM
What I get is: net::ERR_CERT_AUTHORITY_INVALID

Comment by gt565k 5 hours ago

Has some undisclosed error.

Says cannot be trusted when validating via SSL checker

https://decoder.link/sslchecker/ppq.apple.com/443

Comment by gt565k 5 hours ago

SSL Error: Verify return code: 34 (unhandled critical extension)

Comment by xutopia 5 hours ago

OMG my app just got rejected because I didn't have the right screenshots to their liking... an app specifically made to remember stuff like this LOL the irony!

Comment by astrostl 4 hours ago

Invalid certs according to what? Quoth Claude Code:

OpenSSL can't validate the cert because it contains a critical extension it doesn't recognize — specifically 1.2.840.113635.100.6.27.3.2, which is an Apple-proprietary OID marked as critical. Per X.509 rules, if a client encounters an unrecognized critical extension, it must reject the cert.

That said, this is likely intentional on Apple's part — browsers and Apple's own TLS stack (SecureTransport/Network.framework) almost certainly know how to handle this extension. It's a private Apple CA (Apple Server Authentication CA) signing an Apple-internal service endpoint, so it's designed to work within Apple's ecosystem rather than with generic OpenSSL.

In practice:

  - Works fine in Apple clients (Safari, curl on macOS using the system TLS stack, iOS apps)                                                          
  - Fails with raw OpenSSL or other non-Apple TLS implementations                                                                                     
  - Not a misconfiguration — it's Apple intentionally using a proprietary critical extension on their private PKI

Comment by strongpigeon 4 hours ago

That's fair. I've never attempted to reach this before so I can't compare and the explanation makes sense.

The intermittent 502s on the other hand are an issue.

Comment by Orellius 48 minutes ago

And I was surprised why nothing worked, now I know. read comments here system is down hard.

Comment by ynac 4 hours ago

Any other services down for anyone? I've had a credit service portal fail for hours today with a notice of server issues. As well as a credit union login with a similar message. These are all first times for me. Some big black cape / hat pressure testing?

[edit] And FreeUSATax portal. Solar cone today?

Comment by avicado0o 3 hours ago

Finally WORKING!!

Comment by strongpigeon 3 hours ago

Confirmed! Damn that was annoying.

Comment by tariksune 3 hours ago

updated that there was an outage on app store connect https://developer.apple.com/system-status/

edit: working now

Comment by erkanerol 3 hours ago

Why is all green in the status page? Really really annoying.

Comment by colinbartlett 50 minutes ago

The Apple status pages (both of them) are some of the worst of the big league offenders, perhaps second only to Microsoft.

Full disclosure, I operate a product that compares official outage acknowledgment to actual outage impact times. (Which I won't mention to avoid self-promotion.)

For this specific incident, I saw the alert come across my Slack at 19:02 UTC. We received over 100 reports of this outage before the official acknowledgement was posted by Apple on their status page at 21:37 UTC.

Shortly after their acknowledgment, the reports fizzled out and then Apple marked the incident as resolved about 20 minute later.

The whole outage lasted about 4 hours from first report to last and wasn't acknowledged by Apple until 3.5 hours into it.

Comment by semtra 4 hours ago

Bro im tryin to sideload and everytime i try to verify my app it doesnt let me what is even going on like i need my spotify back when will the certificates be back up what else can i use to sideload