Customers were getting an error message when trying to start 1Password […] We knew our developer certificate was going to expire on Saturday, but thought nothing of it because we believed those were only necessary when publishing a new version. Apparently that’s not the case. In reality it had the unexpected side effect of causing macOS to refuse to launch 1Password properly …
The same issue has hit a number of other Mac apps …
When Mac apps are downloaded from anywhere other than the Mac App Store, macOS checks that the apps are legitimate before it opens them. One of the checks performed is to ensure that the developer’s code-signing certificate is current. MacRumors reports that other apps affected by the issue include Soulver and PDFPen.
In the past, the expiration of a code signing certificate had no effect on already shipped software, but that changed since the release of Sierra last year, when Apple began requiring apps to carry something called a provisioning profile.
A provisioning profile tells macOS that the app has been checked by Apple against an online database and is allowed to perform certain system actions or “entitlements”. However, the profile is also signed using the developer’s code signing certificate, and when the certificate expires, the provisioning profile becomes invalid.
Resolving the issue requires developers to renew their certificates and update the app. Users then need to download the updated version. AgileBits says in its blog post that it has now done this and users can update from this page. Instructions are also found in the video below.
If you experience other apps bought outside the Mac App Store failing to load, check the developer websites for an update, and please let us know the names of the apps in the comments.