@DTS Engineer
Hello,
Seems I accidentally pressed, "Accept Answer", but in reality, topic is still open for me :)
Looking forward to hear your comments.
Thanks,
Rovshan
Post
Replies
Boosts
Views
Activity
Hello @DTS Engineer
This is what we do:
# Executing the command on the machine where the notarization was performed via API Key:
% sudo spctl -a -t install -vvv PackageName.pkg
PackageName.pkg: accepted
source=Notarized Developer ID
origin=Developer ID Installer: OrgName (ID)
# The same package is copied to another machine (e.g. via scp). Executing the same command on the same package on another machine:
% sudo spctl -a -t install -vvv PackageName.pkg
PackageName.pkg: rejected
source=Unnotarized Developer ID
origin=Developer ID Installer: OrgName (ID)
Follow up:
# Machine where notarization is done:
% sudo spctl -a -t install -vvv example.pkg
example.pkg: accepted
source=Notarized Developer ID
origin=Developer ID Installer: company name (ABCXYZ123)
# Same package, different machine:
% sudo spctl -a -t install -vvv example.pkg
example.pkg: rejected
source=Unnotarized Developer ID
origin=Developer ID Installer: company name (ABCXYZ123)