@eskimo these .dll files are part of the .net code, they are not Mach-O images and they (as best i understand) have to be next to the Host app coz it basically looks for them to be there. The app itself runs absolutely fine, both on the Mac I am building it on and on the other Macs on Big Sur of users after notarization. So Gatekeeper is happy with it after talking to Apple's servers. It's specifically and ONLY stapling that is failing for me. The --deep option I actually took from one of your posts on how to try and workaround some other stapler issues, i had the exact same result without it. Here's the verbose log, i did take out my team id, relay geo name, app id and actual ticket bytes. I am happy to e-mail the raw output to you, just don't feel comfortable posting the lot on the forum. Processing: /Path/to/my app.app Properties are { NSURLIsDirectoryKey = 1; NSURLIsPackageKey = 1; NSURLIsSymbolicLinkKey = 0; NSURLLocalizedTypeDescriptionKey = Application; NSURLTypeIdentifierKey = "com.apple.application-bundle"; "_NSURLIsApplicationKey" = 1; } Props are { cdhash = {length = 20, bytes = 0xfa5b15a3e1a4ca0f849a47039ad78eb68bf63417}; digestAlgorithm = 2; flags = 65536; secureTimestamp = "2021-08-18 12:34:19 +0000"; signingId = "com.my.app"; teamId = <TEAM ID>; } JSON Data is { records = ( { recordName = "2/2/fa5b15a3e1a4ca0f849a47039ad78eb68bf63417"; } ); } Headers: { "Content-Type" = "application/json"; } Domain is api.apple-cloudkit.com Response is <NSHTTPURLResponse: 0x7fac8b30bac0> { URL: https://api.apple-cloudkit.com/database/1/com.apple.gk.ticket-delivery/production/public/records/lookup } { Status Code: 200, Headers { "Apple-Originating-System" = ( UnknownOriginatingSystem ); Connection = ( "keep-alive" ); "Content-Encoding" = ( gzip ); "Content-Type" = ( "application/json; charset=UTF-8" ); Date = ( "Wed, 18 Aug 2021 12:38:05 GMT" ); Server = ( "AppleHttpServer/ba512e728b68b6da7d047b7c7c12cae42f0df279" ); "Strict-Transport-Security" = ( "max-age=31536000; includeSubDomains;" ); "Transfer-Encoding" = ( Identity ); Via = ( "xrail:st53p00ic-qujn14040302.me.com:8301:21D244:grp60,631194250daa17e24277dea86cf30319:2e6197d9052ce13253e63dbd1c5b0f3e:Somewhere" ); "X-Apple-CloudKit-Version" = ( "1.0" ); "X-Apple-Edge-Response-Time" = ( 209 ); "X-Apple-Request-UUID" = ( "ad044f8e-0500-492e-9992-23fb8d9788c4" ); "X-Responding-Instance" = ( "ckdatabasews:16306801:st42p63ic-ztfb05121801:8807:2115B429:d2a44584859feb01b0b1a7763e6161b2b645e74e" ); "access-control-expose-headers" = ( "X-Apple-Request-UUID,X-Responding-Instance,Via" ); "apple-seq" = ( 0 ); "apple-tk" = ( false ); } } Size of data is 14413 JSON Response is: { records = ( { created = { deviceID = 2; timestamp = 1629290221249; userRecordName = "_b133e60953755a92966d7ca08d9c731a"; }; deleted = 0; fields = { signedTicket = { type = BYTES; value = "<TICKET Bytes here>"; }; }; modified = { deviceID = 2; timestamp = 1629290221249; userRecordName = "_b133e60953755a92966d7ca08d9c731a"; }; pluginFields = { }; recordChangeTag = kshhbwl9; recordName = "2/2/fa5b15a3e1a4ca0f849a47039ad78eb68bf63417"; recordType = DeveloperIDTicket; } ); } Downloaded ticket has been stored at file:///var/folders/f3/670h9zb17tz84l2h8c02p7jw0000gn/T/ad044f8e-0500-492e-9992-23fb8d9788c4.ticket. Could not validate ticket for /Path/to/my app.app The staple and validate action failed! Error 65. Thank you for your help!

@eskimo I was able to find the solution to this problem in your very own infinite wisdom - https://developer.apple.com/forums/thread/120351. I had been doing something else on this machine and set Apple Root CA to 'Always Trust'. That causes stapler to fail, apparently (which is crazy, you'd think, but hey...) perhaps you can update the common issues documentation with this gotcha?

How did you get this log? I see nothing in Console :(

How did you get this log? I have nothing in my Console app :(

Same issue on Ventura 13.2 :( My FB is FB11969934