VPN on OSX - entitlement is not allowed

App & System Services Networking
roee84 OP
Created Apr ’16
Replies 5
Boosts 0
Views 862
Participants 3

I've configured a vpn (packet tunnel) on OSX, but I can't start it because of an entitlement problem

(I already did it on iOS, but on OSX it's not running, although the entitlements suppose to work on both iOS and OSX)


When I run the app, it's imediatly crashes with the error:

... because its use of the com.apple.developer.networking.networkextension entitlement is not allowed

according to this error, the containing app is not allowed to use the entitlements - but why??


But if in the project settings, at the containing app, I remove the path to the entitlement file at Code Signing Entitlements, the app won't crash, but not start the VPN.



To check what's the problem, I ran at the terminal

codesign -d --entitlements :- CatoClient.app

and

codesign -d --entitlements :- CatoClientExtension.appex


In both of them I can see

<array>

<string>packet-tunnel-provider</string>

<string>app-proxy-provider</string>

<string>content-filter-provider</string>

</array>


Any Help would be appreciated

Replies  5
Boosts  0
Views  862
Participants  3
Vladius OP
Apr ’16

check you provisioning profile

looks like it doesn't contain com.apple.developer.networking.networkextension entitlement

0
roee84 OP
Apr ’16

I do have this on the provision profile:


<key>Entitlements</key>

<dict>

...

...

<key>com.apple.developer.networking.networkextension</key>

<array>

<string>packet-tunnel-provider</string>

<string>app-proxy-provider</string>

</array>

</dict>

0
roee84 OP
Apr ’16

And in the entitlement file, I have this too:


<key>com.apple.developer.networking.networkextension</key>

<array>

<string>packet-tunnel-provider</string>

<string>app-proxy-provider</string>

</array>

0
DTS Engineer OP
Apple
Apr ’16

The Network Extension entitlements you use have to be whitelisted by the provisioning profile, and the symptoms you’ve describe indicate that this is not happening. Two questions:

  • Please confirm that you’re building for Mac App Store. Network Extension providers are only supported on the Mac App Store.

  • You need to check that your provisioning profile has the entitlements set correctly. You can find instructions for doing this in Debugging Entitlement Issues.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
0
roee84 OP
Apr ’16

I just fixed the problem as I replied to you at https://forums.developer.apple.com/message/130622#130622


But what do you mean by

"Please confirm that you’re building for Mac App Store. Network Extension providers are only supported on the Mac App Store."

I'm going to release it to the Mac App Store, but for now my provision profile created for Mac App Development


And thanks again for your quick replies!

0
VPN on OSX - entitlement is not allowed
First post date Last post date
 
 
Q