Hi, can't activate system-extension. in any case getting Domain=OSSystemExtensionErrorDomain Code=8 "Invalid code signature or missing entitlements" (sometimes get code = 9) P.S. In debug running all is working. (The system is asking to activate sysex) Has to read huge amount of forum, samples, and docs. But no luck What and how i've tried steps which i've doing #- signing sysextension binaries with Developer ID Application #- signing system extension with Developer ID Application #- signing application with Developer ID Application #- checking all signatures with Developer ID Application #- building pkg installer #- signing installer with Developer ID Installer #- checking signing #- sending installer for notarization #- waiting for installer verification #- after success I call stapler staple #- When calling sysex activation I get (But the problem is persist when i've try to move signed app to application folder, or try to notarize zip) or in any case which possibly mention on forum, i've get sign command sample codesign --force --timestamp --options runtime --sign "Developer ID ***" Also has to tried with ** --deep,** but no luck. Result of steps descrribed here: App has System Extension compatibility, Sysex haven't System Extension. App is used the same bundle id as in AppStore (also has to tried separate one, but no luck) In console just two informative message regarding it, but nothing specific default 01:08:04.745310+0200 sysextd client activation request for com.company.appName.PacketTunnelMacExternal default 01:08:04.745330+0200 sysextd attempting to realize extension with identifier com.company.appName.PacketTunnelMacExternal default 01:08:04.750996+0200 appName-Mac-External [0x13a9496f0] invalidated because the current process cancelled the connection by calling xpc_connection_cancel() Could you please assits with solve issue?

Hi everyone. I wrote VPN application used packet tunnel provider. Now i want to setup to provide functionality, to allow turn on just for specific applications. I saw apps provide to setup this functionality, like select the list of apps where VPN will work, some of them has a big list. As i understand i need Per app vpn or i need to setup Rules for NEVPNManager, could someone provide the documentation, or the link to sample, how that feature works?

Hi Apple released external payment for some new regions https://developer.apple.com/documentation/storekit/external_purchase but i don't fully undersant, can i use in one application for allowed region, external payment link, for all others Apple pay. Don't found clear explanations of that

Hi. i've got a case, when i've successfully run Packet - Tunnel with NEPacketTunnelProvider (socks protocol) And i can't found a way to calculate traffic. i've tried with usage self.packetFlow.readPackets... self.packetFlow.writePackets... with different ways, but each time when i call methods, which contains lines with packet flow, nothing happens, i think its related to my protocol and library which i've use to implement packet tunneling, cause its freeze the thread. By the way its working great in memory limits of iOS. i've see that the profiler in xcode is showing spended traffic. I've also trying to get with functions getifaddrs name of virtual interface which extension is create for use, and by the name, found virtual adapter, but all fields of objects there, which i found, doesn't provide any helpful information related to size of packages information Also i've tried to implement custom NEPacketTunnelFlow, and use them in NEPacketTunnelProvider, but as the result NEPacketTunnelProvider not starting, and crashing without any helpfull information. Can someone give some prompts where i can found some ways of solution?

Hi. i've app in swift for iOS and macOS, which using websocket webSocketTask = URLSession.shared.webSocketTask(with: request) //Session let session = URLSession(configuration: configuration ?? .default, delegate: self, delegateQueue: OperationQueue()) and as the result, when user have turn on Private relay, user doesn't receive any informatiom from web socket, if user switch off this function, all is fine. Could you give some advise, how to setup client, or server to allow working websockets in that case?

I think so i've got the last point of the issue why is IKEv2 and deployed server can't establish connection. eskimo did a big job to answer for everybody. But, i've don't found the answer. I've get iOS/mac clients, i understand that its possible to setup NEVPNProtocolIKEv2 for NEVPNManager. But the main issue, is that digital identity of certificate is not trusted. For example, when i've installing mobileconfig, its working, but warning on every step when installing mobileconfig. NEVPNManager doesn't provide possibility to run VPN based on information contains on mobileconfig. And if remove full section of com.apple.security.root, it wouldn't be work (the same behavior as app. And the question is, how, and where get trusted certificate, trusted identity, to run ikeV2 vpn from the app?

I've developing app which can connect to the VPN using NEVPNProtocolIKEv2. I have a case when i can have some VPN servers. And each of them has own certificate. I've setup VPN server to return .mobileconfig file, which i can install manually and VPN will work. I've trying to parse .mobileconfig and create a object of NEVPNProtocolIKEv2 for run VPN from the app. I've trying to get string value of private key, and create the IdentityData, but VPN is immidiately disconecting. Is it possible to use NEVPNProtocolIKEv2 and .certificate authorisation, and create a initialize authentication/identity fields from string value of PayloadContent of mobileconfig file?