Codesign with entitlements on Mac OS
-
I create a mac app using Qt and Apple's Network extension for VPN connection. From Apple Developer's console, I enabled personal VPN, and download distribution provisionprofile. then I loaded the provision profile into Xcode, that gives me an entitlement file (xcent). Finally, I built my app with Qt and a script. When I sign the app, I first copy the provision profile into Contents of the app as embedded.provisionprofile, then codesign it:
codesign --entitlement my_entitlement_file MyApp
However, when I download the app to a new Mac, taskgated-helper kills the app with signal 9. in system log, I can see the following messages:
taskgated-helper MyApp: Unsatisfied Entitlements: com.apple.developer.networking.vpn.api, com.apple.developer.team-identifier
...
codesignature validation faile fatally: when validating Myapp: Code has restricted entitlements, but the validation of its code signature failed.
...If I open the package content and double click embedded.provisionprofile to install, then the app can run without error.
It appears that the way I add embedded.provisionprofile is not quite right. taskgated-helper doesn't find provisionprofile inside the app.
What is the proper way to add embedded.provisionprofile into app bundle?
-
Hi and welcome to devnet,
Did you try with macdeplyoqt ?
