“eskimo”

OK, let’s break this down into two parts: Build time Run time Lemme tackle these in reverse. There’s no need to explicitly install a provisioning profile on your device for use at runtime. Rather, your build system should embed the provisioning profile within your app and the system will pick it up from there. That’s certainly how Xcode builds app. If you’re building your app with third-party tooling, it’s possible that they have different advice. In that case I recommend that you escalate this with the vendor for that tooling. DevForums is primarily focused on Apple APIs and tools, and we can’t offer definitive answers about third-party stuff. Oh, and this is true on all Apple platforms, including the Mac. When it comes to build time, my general advice is that you use Xcode and enable automatic code signing. That will take care of all of this for you. Specifically, Xcode will automatically manage all the stuff in ~/Library/Developer/Xcode/UserData/Provisioning Profiles. Note This is the current location for

[quote='815498021, Pushpak-Ambadkar123, /thread/815498, /profile/Pushpak-Ambadkar123'] URL Filter Network … is only for Enterprise level or MDM or supervised device. [/quote] That’s not right. You are mixing up URL filters with content filters. URL filters have strong privacy fundamentals and thus have no deployment limitations. In contrast, content filters have significant deployment limitations. See TN3134 Network Extension provider deployment for all the details. [quote='815498021, Pushpak-Ambadkar123, /thread/815498, /profile/Pushpak-Ambadkar123'] When trying to run sample project in the simulator [/quote] The simulator uses the macOS networking stack, so you can’t test low-level networking facilities there. You’ll need to test this on a real device. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

This isn’t something we can help you with here on the forums. Rather, you need to seek help via official channels. For the details, see this post. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

The specific thing you’re looking for — distributing iOS apps to arbitrary devices not through an Enterprise team — is not possible. As you’ve noted: Developer ID is a Mac thing. Ad Hoc distribution is limited to a specific set of devices. One alternative path is to put the app on the App Store but limit who can buy it. See the discussion of custom apps on Distributing Apps on Apple Business Manager and Apple School Manager Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

[quote='875835022, ameydalvi_sophos, /thread/815274?answerId=875835022#875835022, /profile/ameydalvi_sophos'] Is this logline faulty or not to be taken at its face value ?? [/quote] Well, neither. I think you’re misinterpreting what this is saying. It’s simply reporting the result of its call to your handle-new-flow method. So, the code looks something like this: let provider: NEAppProxyProvider = … let flow: NEAppProxyFlow = … let log: Logger = … let didAccept = provider.handleNewFlow(flow) log.log(…: provider ( didAccept ? accepted : rejected ) new flow (flow)) Note This isn’t the exact code, but rather my re-creation of it in Swift with some irrelevant details elided. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

There’s not enough context here for me to evaluate this. Can you post a snippet that’s complete enough to feed into the compiler? We have a post that describes what we like to see in general, but in this case I don’t think you need anything that complex. I often test stuff like this in a small macOS command-line tool project, and in that case I can post the entire source code as a code block. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

[quote='875862022, disinghal, /thread/811887?answerId=875862022#875862022, /profile/disinghal'] Packet tunnel provider is caliing some another app which is using URLSession [/quote] Huh? Apps can’t ‘call’ other apps on iOS, and similarly for app extensions. So what do you mean by this? Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

The error here, -25303, or errSecNoSuchAttr, suggests a problem with your attributes. And the only non-required attribute you’re supplying is kSecAttrApplicationTag. Which is, in fact, the cause of your issue. kSecAttrApplicationTag is only supported on keys. I recommend that you have a read of SecItem: Fundamentals [1], and specifically the The Four Freedoms^H^H^H^H^H^H^H^H Functions section, which explains how you can use SQL to model the expected behaviour of the SecItem API. In this case, the SQL table for certificate items has no kSecAttrApplicationTag, and thus this error. It also has links to the doc that explains which keychain item class supports which attributes. [quote='815390021, ellinj, /thread/815390, /profile/ellinj'] Is there an alternative to create SecIdentity without keychain access? [/quote] We finally (finally finally!) have this. See the docs for the SecIdentityCreate function. IMPORTANT This was added in Xcode 26 but backdeploys to much older systems. Or at least that’s the plan (-: Thi

That’s not the right API to use for receiving datagrams. Rather, use the receiveMessage(completion:) method or one of its variants. That ensures that you get the entire datagram in one hit. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

[quote='815354021, JacobHearst, /thread/815354, /profile/JacobHearst'] OSLogStore … it only collects logs for the current process [/quote] Correct, at least on everything except the Mac. I cover this and many other logging topics in Your Friend the System Log. There isn’t truly a happy path here. When it comes to NE debugging, you need to see the full system log and there are no APIs on iOS that’ll let you get that. Oh, one last thing. If you’re goal is to work with Apple to help debug a problem, you can ask your user to file a bug in Feedback Assistant. That’ll attach a sysdiagnose log to the bug report. You won’t be able to see the sysdiagnose log, but if you pass the Apple folks that bug number they should be able to get it. I talk more about this idea in Using a Sysdiagnose Log to Debug a Hard-to-Reproduce Problem. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

You can expect that most uploads will be notarised quickly. Occasionally, some uploads are held for in-depth analysis and may take longer to complete. As you notarise your apps, the system will learn how to recognise them, and you should see fewer delays. For lots of additional info about notarisation, see Notarisation Resources. Specifically, it links to a Q&A with the notary service team that’s quite instructive. [quote='815402021, AbubakrLatif, /thread/815402, /profile/AbubakrLatif'] have created new certificate [/quote] Yikes! That won’t help with this issue and, as these are Developer ID certificates, it can have negative consequences. Developer ID as precious, as I explain in The Care and Feeding of Developer ID. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

knytko wrote: Yes, reported today with ID FB13636366. Thanks for that. Annoyingly, that bug got lost in our system and there’s been no progress on it. I’ve taken steps to get it on the right track. Lanmac, Are you developing an app that contains a system extension? Because reading through your post it doesn’t look like you’re hitting the issue being discussed here. If you’re having a problem with the Finder that’s unrelated to app development, I recommend that you bounce over to the Apple Support Community, run by Apple Support. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

At the top of the Signing & Capabilities editor there’s a Team popup. What does that show in your case? For context, it looks like Xcode thinks that you’re working in a Personal Team. However, the App ID in your screenshot is registered to an Individual team (Team ID 9________S). Individual teams should be able to use NE capabilities, so I’m not sure why Xcode isn’t letting you. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

[quote='815340021, Leo_Nagano, /thread/815340, /profile/Leo_Nagano'] If this is a known limitation or bug in how Xcode validates NE entitlements for Developer ID [/quote] Indeed, this is a known bug in Xcode’s code-signing support )-: [quote='815340021, Leo_Nagano, /thread/815340, /profile/Leo_Nagano'] is there a recommended workaround? [/quote] You have to sign your product manually, outside of Xcode. Exporting a Developer ID Network Extension has all the details here. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

[quote='815372021, MattStewart, /thread/815372, /profile/MattStewart'] is NEFilterDataProvider supported on non-supervised devices for consumer App Store apps …? [/quote] No. TN3134 accurately reflects the allowed deployment paths for NE content filters. [quote='815372021, MattStewart, /thread/815372, /profile/MattStewart'] is this a platform restriction that cannot be worked around? [/quote] You shouldn’t think about this as something to be “worked around”. Rather, this is a platform privacy policy. If there were a way around it, that’d be a major security bug. Notably, macOS, being a different platform, has a different policy. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com