Another strange behavior I noticed is that if I generate, notarize, and launch my Developer ID signed build once (the tunnel activation will fail, of course, as described above), then my DEV build will start to fail too. I had to apply a brand new App ID to continue my development.

Thank you very much. You're right. I did notarize and export my App and Network Extension using Xcode 15.2. Today, I managed to swap entitlements, code sign, and notarize everything manually following your instructions. However, I am still experiencing the same issue. What could possibly be going wrong? Any guidance would be greatly appreciated. In the meantime, I am starting to try to distribute the app using the Mac App Store.

Yes, the activate tunnel API returns .configurationInvalid error. In the meantime, I can see multiple codesign related errors in the Console app. Entitlement com.apple.application-identifier=MyTeam.AppID.network-extension is ignored because of invalid application signature or incorrect provisioning profile Signature check failed: code failed to satisfy specified code requirement(s) I did two tests, both signed and notarized manually. In the first test, I used the App ID with which I had previously failed to launch the app. In the second test, I used a brand new App ID and rebooted my MacBook before launching the app. I will try to test in a clean environment as soon as possible and get back to you. Thank you for your assistance.

Dear Apple Developers, I apologize for the confusion earlier. I've managed to resolve my issue. It turns out Unix domain socket's path must not exceed 108 characters. With Sandboxing enabled, the home container path became very long. Thank you for your support. Best regards.

Thank you for the clear answers, I really appreciate the help! For context, a client asked us to tie a key to an access control flag while enforcing a strong password. Alternatively, they wanted to store a key in the file-based keychain but ensure that the user couldn’t export it (e.g., as a .p12 file). We were exploring the feasibility of these options. Now that we know it’s not possible, we can provide them with a clear answer. Thanks again for your support!