User Profile

With the stricter notarization requirements now in place, we're running into a problem with one of our installers. The main application distributed in that installer is signed with our Developer ID Application certificate. I can notarize the app directly by submitting the .app file to the notarization service. However as soon as I put that (signed) application in an installer .pkg file and sign the .pkg with the Developer ID Installer certificate, we are unable to notarize the .pkg getting an "invalid signature" error for the main application and every Framework it depends on (though it appears that the notarization service thinks that signature on the pkg itself is fine) Is this a known issue? We're using:/usr/bin/ditto -c -k --keepParent ./XWCSigned.pkg ./XWCCSigned.pkg.zipto put the .pkg into a .zip file before sending up to the notarization service.Thanks in advance for any info you can share!--Ron D