Hi,
We are developing a Network Extension Content Filter plugin, we are using the Apple Configurator 2 to create profiles that are installed on supervised devices.
I the project has entitlements setup for Network Extensions and App Groups
I have created a Content Filter payload with the appropriate data, ServerAddress, UserName and Password
My goal here is to use credentials found in configuration profile to create credentials used in URLSession requests
Now here is where I have gotten confused.
I've read this post
https://developer.apple.com/forums/thread/70806
this pointed me to use the keychain access groups.
"I suspect you’re being bitten by keychain access groups. Security items installed via a configuration profile typically go into the com.apple.managed.vpn.shared access group"
Then I have found the following:
https://developer.apple.com/forums/thread/67613
but I am still confused.
"This entitlement is only necessary if your VPN supports configuration via a configuration profile and needs to access credentials from that profile (as discussed in the Profile Configuration section of the NETunnelProviderManager Reference)."
"Access to this keychain access group requires a special entitlement. If you need that entitlement, please open a DTS tech support incident and we will take things from there"
Questions:
Kristofer Linnestjerna
We are developing a Network Extension Content Filter plugin, we are using the Apple Configurator 2 to create profiles that are installed on supervised devices.
I the project has entitlements setup for Network Extensions and App Groups
I have created a Content Filter payload with the appropriate data, ServerAddress, UserName and Password
My goal here is to use credentials found in configuration profile to create credentials used in URLSession requests
Now here is where I have gotten confused.
I've read this post
https://developer.apple.com/forums/thread/70806
this pointed me to use the keychain access groups.
"I suspect you’re being bitten by keychain access groups. Security items installed via a configuration profile typically go into the com.apple.managed.vpn.shared access group"
Then I have found the following:
https://developer.apple.com/forums/thread/67613
but I am still confused.
"This entitlement is only necessary if your VPN supports configuration via a configuration profile and needs to access credentials from that profile (as discussed in the Profile Configuration section of the NETunnelProviderManager Reference)."
"Access to this keychain access group requires a special entitlement. If you need that entitlement, please open a DTS tech support incident and we will take things from there"
Questions:
Is it the same keychain for credentials for a Content Filter configured via configuration profile?
Do I need to create a DTS tech support ticket to get keychain access?
Kristofer Linnestjerna
