koobas.hobune.stream
mac app can't connect to our server on apple's side
Hello. We can't get our game approved. Apple's QA-team reports that the game can't connect to our server. When we are testing our build - it connects successfully.
We use Unity3d 5.2.3 f1 to produce game.
Our build differ from build sent for approval in one checkbox in Unity3d - "useMacAppStoreValidation" - that should be placed only for AppStore approval. But for the test purposes this checkbox should be cleared, otherwise the game won't run at all. (see the ref: http://docs.unity3d.com/ScriptReference/PlayerSettings-useMacAppStoreValidation.html
We set following permissions for Sandbox in entitlements file:
com.apple.security.network.client
com.apple.security.network.server
com.apple.security.app-sandbox
com.apple.security.device.usb
The same permissions were set in ItunesConnect (see the image: http://take.ms/Mi29E)
Game starts and shows in-game message "No internet connection" on the Apple's side. The game is working fine on Android, iOS, WSA, WebPlayer and there are no problems with connection to our server. Pls, can you prompt us what can cause problems?
We are having the same problem. Did you ever find a solution?
Build, with checked "use$$anonymous$$aсAppStoreValidation" option, can be launched now after Unity 5.3.4f1 version release! As a result of our first server request we got an error: "Request error: 'SSL: couldn't create a context: error:140A90F1:SSL routines:SSL_CTX_new:unable to load ssl2 md5 routines" After brief googling, we realized that many people get the same issue and no reply was given by the Unity developers. Unity-guys, plz, reply!
To anyone in the future looking for the solution to this problem, here goes.
As you may know from this guide, you need to create an entitlements file for the App Store. Though the first page you may stumble upon is this link, the entitlement you're looking for is actually buried under the app sandbox category and can be found here.
Here's the solution. Add the entitlement key com.apple.security.network.client to your file. If your app is going to be receiving network traffic as well, also add the entitlement com.apple.security.network.server.
Thanks to this StackOverflow post for pointing me in the right direction.
I've not used this validation method personally but a couple of potential issues:
Your server setup. Where is it hosted. Does it have any firewall restriction which could prevent anything from reaching it (easy way to test is to simply try from a different internet connection with a different IP).
ATS settings. I'm not sure if these apply to mac apps, but if your server doesn't fully support SSL TSL then you might need to adjust the ATS setup within your info plist.
Thank you for your answer, but turning off ATS didn't help. Here is Info.plist file:
<key>CFBundleDevelopmentRegion</key>
<string>English</string>
<key>CFBundleExecutable</key>
<string>GameName</string>
<key>CFBundleGetInfoString</key>
<string>Unity Player version 5.2.4f1 (98095704e6fe). (c) 2015 Unity Technologies ApS. All rights reserved.</string>
<key>CFBundleIconFile</key>
<string>PlayerIcon.icns</string>
<key>CFBundleIdentifier</key>
<string>com.company.gamename</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleName</key>
<string>GameName</string>
<key>CFBundlePackageType</key>
<string>APPL</string>
<key>CFBundleShortVersionString</key>
<string>2.0</string>
<key>CFBundleSignature</key>
<string>????</string>
<key>CFBundleVersion</key>
<string>1</string>
<key>NS$$anonymous$$ainNibFile</key>
<string>$$anonymous$$ain$$anonymous$$enu</string>
<key>NSPrincipalClass</key>
<string>PlayerApplication</string>
<key>UnityBuildNumber</key>
<string>98095704e6fe</string>
<key>LSApplicationCategoryType</key>
<string>public.app-category.sports-games</string>
<key>LS$$anonymous$$inimumSystemVersion</key>
<string>10.6.6</string>
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true />
</dict>
We checked our server with nscurl: "/usr/bin/nscurl --ats-diagnostics https://ourdomain.com" and every test succeed. We are out of ideas where the problem lies ;(
To add to other answers,
.
Also, it's an official requirement that your application must work on IPv6 network, not only on IPv4. So instead of connecting to google via '8.8.8.8', you should be using 2001:4860:4860::8888
.
Also, if your application is using Peer-to-Peer networking, it might not work when the destination user is hidden behind a NAT. In that case, use a "relay-server" (just your own server that has a permanent, static ip address) or look for "hole punch" technique to bypass NAT.
