Reputation: 117
Is there a way to add the Network Extensions capability to a macOS app without joining the Apple Developer Program?
I want to build a macOS app that filters specific network requests so I need to add the NetworkExtensions capability. But after I add a NetworkExtensions capability, I get the following message:
Your development team, "Potato Dev2", does not support the Network Extensions capability.
Image of where the above message is from: https://i.sstatic.net/H46gE.png
From Apple's documentation on "Adding Capabilities to Your App":
The platform, and whether you're a member of the Apple Developer Program, may limit the capabilities available to your app
The documentation doesn't explicitly say which capabilities require being a part of the Apple Developer Program. I also don't see why I'd need to be a part of the Apple Developer Program to write software on and for my own computer. Note that, at least to my knowledge, the NetworkExtensions capability does not depend on any service from Apple (as opposed to HealthKit or Game Center).
So is there a way to add a Network Extensions capability to a macOS app without joining the Apple Developer Program?
Upvotes: 9
Views: 3949
Answers (3)
Reputation: 1
@pmdj Does this still work? I'm on Monterey, facing the same issue while trying to run a system extension. Also, can you elaborate more on the codesigning parts? I tried codesign -sf path/to/extension while SIP is disabled, still getting the same error:
Cannot create a Mac App Development provisioning profile for "com.example.ExampleCam.ExampleCam". Personal development teams, including ***, do not support the System Extension capability.
Upvotes: 0
Reputation: 23438
You should be able to do it if you disable system integrity protection (SIP) on your Mac (csrutil disable in the Terminal in the macOS Recovery Environment), and disable amfid's entitlements check by adding amfi_get_out_of_my_way=1 to the kernel's command line arguments. (Again in the recovery environment, nvram boot-args='amfi_get_out_of_my_way=1')
You will need to bypass Xcode when code signing and use the codesign command directly because Xcode performs the provisioning profile entitlements check, as you noticed. codesign itself does not perform this check.
This works for basically allowing just about anything to do with DriverKit system extensions, so I'd expect it to work with Network System Extensions as well.
Upvotes: 6
Reputation: 117
I figured out the answer to my question: to write macOS software that uses the NetworkExtension APIs, you must be a member of the Apple Developer Program ($100/year). See https://developer.apple.com/support/app-capabilities/ for details.
Upvotes: 1
Related Questions
- System Extension Validation Fails
- NEPacketTunnelProvider "source-application mode"
- Network Extension entitlement, how to enable it?
- Xcode Network Extensions Account
- How to let iOS/macOS update our app while its NetworkExtension is running?
- Network extension framework versus kernel extension
- How can I develop Safari App Extension without macOS app?
- Should you register new extensions with Apple?
- Adding NetworkExtension.Framework in xcode
- Apple Network Extension Framework development