How to legally download any previous version of an App Store app through iTunes

Update: As of iTunes 12.5, Apple is using certificate pinning for App Store downloads. This will only work on previous versions of iTunes.
Here’s how to legally download any previous version of an App Store app through iTunes.

Here’s a video demonstration of the following procedure on Windows

Here’s a tutorial for Mac (via iDownloadBlog)

1) Download Fiddler.

For Windows 8 and above, download Fiddler for .NET4, else, download Fiddler for .NET 2.

2) Open Fiddler, Tools — Fiddler Options — HTTPS. Tick “Decrypt HTTPS traffic”. Click “Yes” in the popup and proceed with certificate installation. Click “Actions”, then “Export Root Certificate to Desktop”.

3) Right click the exported certificate on Desktop and click “Install”. Install to “This Computer”-“Keep All Certificated into the following storage”-“Trusted Root Certification Authorities”. (Do not turn of Fiddler at any point).

4) Open iTunes, log in and search for the app you want to download a legacy version of.

5) Click Download. When download begins (and has downloaded a little), highlight the download in Download popover and delete the download.

Highlight. Then hit “Delete” key twice to stop the download.

6) Remove the downloading item in Fiddler to save bandwidth.

7) Locate a request above the deleted download item, with domain and url beginning with /WebObjects/MZBuy.woa. Switch to Inspectors tab on the right, and click the yellow box ”Response is encoded and may require decoding before inspection. Click here to transform”.

The domain may change from time to time, the important part is to locate the url beginning with /WebObjects/MZBuy.woa

8) Save the request through right clicking the request — Save Response — Response Body. If everything is a jarring mess, make sure you clicked the transform box in step 6.

9) Open the saved xml document. The default option is usually Internet Explorer. That is fine. Scroll down to softwareVersionExternalIdentifiers and a set of strings under “xxxxxxxxxx”.

Sample list for softwareVersionExternalIdentifiers. These identifiers correspond to every single version since the app was in the store. App Thinning, introduced in iOS 9, caused a single newly-updated app version to have multiple identifiers. They correspond to different device families.

10) Go back to Fiddler, right click the MZBuy request, Replay — Reissue and Edit.

11) Edit the number in appExtVrsId at top right corner to the version ID you just located in step 8. Click the green button.

12) Switch to the right-most view “XML” under the yellow label. Scroll down to check the corresponding numerical app version corresponding to the softwareVersionExternalIdentifiers you located.

13) Repeat the above steps until the legacy version you are looking for is identified. (If request failed, it means the request has expired. Repeat from step 4 to resolve that.)

14) Now the softwareVersionExternalIdentifiers of the particular legacy app version is located.

15) Go to iTunes. Search for your app name again and click into the detail page of the app. Now “Download” button should be enabled again in iTunes. Do not download yet.

16) Go to Fiddler. Menu bar — Rules — Automatic Breakpoints — Before Requests to intercept all HTTP requests. Now go to iTunes and click the Download button.

17) Go back to Fiddler. There should be a few new requests with red icon. Locate MZBuy.woa (directly allow with the green play button if it is “tunnel to”), edit the softwareVersionExternalIdentifiers to the one you located in step 11 (Not Replay edit), then turn off interception mode through Menu Bar — Rules — Automatic Breakpoints — Disabled.

18) Click the green button to allow request. You can choose to permit all other requests with red labels.

19) The legacy version of your app should begin to download. Keep iTunes and Fiddler open until your app download completes.

20) Voila! You can now install the app via iTunes.

Article via lcz970 at

Grab Bag

There are a few extra things you can (and should) do, but is not mandatory for legacy apps to work.

Before installing the app, open the downloaded file in a WinZip or WinRAR, then delete iTunesMetadata. This will prevent legacy app from automatically updating itself to the latest version (if you have auto-update on), and remove the obnoxious update view in App Store Updates tab. Thanks, _jrmint at reddit.
You should remove Fiddler’s root certificate after finishing downloading your apps. Here’s why. Here’s how. Thanks, OatmealDome at reddit for the heads up.
If you use a Mac, Use Charles for Mac or Fiddler on a virtual machine. Thanks, bombastic191.