Xcode: could not launch app (Mac app)

Added -systemextension to entitlements to work with Developer ID.

I am assuming that both provisioning profiles that you are using for building and signing your app and system extension also both contain references to a Developer ID certificate and any Network Extension entitlement also contains the -systemextension suffix on the end as described here?

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com

The app runs ok now but Tunnel Extension isn't working.

Cool.

It's working when signed with Apple Dev cert but not when signed with Developer ID cert.

Did you notarise your Developer ID build?

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Hi Eskimo. Big fan! :)

Did you notarise your Developer ID build?

So won't work even when debugging? Need to build, notarize, and only then Network Extension will work?

I also got confused as noticed in this thread you mention it like sysex. So for Apple Dev signing it must be App Extention but System Extension for Dev ID, right?

I went and created System Extension same as App Extension with linking to app etc. Added System Extension capability to app's App ID (recreated provisioning profile). Now I don't get Sys Ext output from Console at all now

IIRC there are two scenarios that work for sysexes:

• Development signing, but that requires that you disable SIP.

• Developer ID signing, but that requires notarisation.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Quinn is right, the two scenarios mentioned do work for System Extensions. One other scenario that works for a Network System Extension, if you are wanting to test it locally or in a VM and not turn off SIP, is the following:

1. Make sure that the machine you are about to test on is enrolled in the Developer Account to which you have configured your signing information with.
2. Build and sign the Network System Extension and the Container app in Xcode and then navigate to where the product build was created on disk. For example, if using Xcode 13 this Product -> Show Build Folder in Finder -> Products -> Debug.
3. Drag your built container app into the /Applications folder in Finder on your Test Machine. (NOTE: this should be a test machine)
4. Run your container app from there and capture logs from the Console.app or Terminal.

This is another way to test a Development Build of a Network System Extension on a dedicated test machine.

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com

Thank you a lot! That's exactly how I'm debugging it. Building, copy to Applications, and monitor Console for logger messages I added to debug.

Getting The operation couldn’t be completed. (OSSystemExtensionErrorDomain error 9.) now and trying to figure out what does that mean. Any clues? Is there any place with a list of those error codes?

Also getting a bunch of this: Tearing down XPC connection due to setup error: Error Domain=NEAgentErrorDomain Code=2 "(null)"