In-App Purchases · Receipt Validation Starter Project |

This is a companion discussion topic for the original entry at

Hi Brian
Can you please give the steps to integrate open ssl into a swift project, it’s highly confusing and cumbersome as well as downloading the apple root certificate as anyone following this tutorial will be more interested in implementing it in his/her own project. Or ideally an extra video on how to integrate these two (integrating open ssl into a swift project & installing apple root certificate) into this project.

Hey there,

Installing the root certificate is a matter of just downloading the certificate and dragging into your project. You can find find the root certificate over here:

Compiling OpenSSL is really beyond the scope of the tutorial. If you are interested in doing this on your own, you can find a medium tutorial over here:

But remember, Apple recommends that you preform remote validation. It’s far easier to implement with better security.

I hope that helps!

Hi Brian,
Thanks for your prompt reply. I am trying the same medium tutorial since last one week but still no luck. The project is not compiling. If you can provide any help that will be great.

Hi Brian
What’s your take on using some cocapods library which integrates openssl into my project. Do you think will there be any licensing issues. Should I use something like pod “openssl-universal”

@bdmoakley Can you please help with this when you get a chance? Thank you - much appreciated! :]

You’ll need to specifically check with the library itself and review the licensing terms. Since I haven’t used openssl via. cocoapods, I’m really not at liberty to advise. Your best bet is to take it the developer forums.


Hi Brian,
I have a question about receipt persistence.
I am witnessing the following (in sandbox):
• User A purchases my auto-renewing subscription
• User A logs out of iTunes & App Store
• User B logs in, receipt is still there on next app launch and exactly the same, so he still uses User A’s subscription.
Will the receipt be ever updated to show User B’s subscription state? How do we handle this case? Thanks in advance.

This is an edge case I hadn’t dealt with - when you say the receipt is still there - do you mean that Apple is resending the receipt or are you persisting the receipt? Once you parse a receipt, you should be done with it. If you want an updated receipt, you’ll need to request it from the store.

So the process should be: a) get receipt b) process receipt c) discard receipt.Does that make sense?

I only have auto-renewing subscriptions so I use iOS default persistence and read from the file system appStoreReceiptURL as mentioned in the docs:

For non-consumable products and auto-renewable subscriptions in iOS 7 and later, use the app receipt as your persistent record.

I read the receipt on every app launch and send to my server which in turn sends to Apple servers to verify its validity. My server determines if the subscription is still active and responds back.

I would expect the receipt to be automatically cleared when logging out of iTunes & App Store (and the receipt to be different when logging in with another user) but what I see is that appStoreReceiptURL still contains the same content as before. I cannot refresh the receipt all the time because it will show the credentials alert. Also, I don’t know when the iTunes user changes so I cannot refresh only then. This might be a sandbox issue, I do not have a production app to test it with.

In essence, what I am asking for is a list of all the cases that the receipt is auto-refreshed by Apple behind the scenes, if ever. I read this happens on app update or after any transaction for example, but I would expect that to happen when iTunes & App Store user changes as well and this is something I don’t see.

This is something beyond the video course. Your best bet is to head over to our developer forums, post on stack overflow, or head over to apple’s forums (although I haven’t found them very useful in the past). Thanks!