Gatekeeper rejecting the code sign app

We are trying to codesign our app with the Developer ID Certification Authority


codesign -f -vvvv --strict --deep -s "Developer ID Application: ******* (4B9GHJ9X43)" DCMApp.app

appdmg ./CTFAppCreation.json ./DCM.dmg

codesign -f -vvvv --strict --deep -s "Developer ID Application: ******* (4B9GHJ9X43)" DCM.dmg


Even after that the while opening the app shows that DMG app cannot be opened because the identity of the developer is not identified.


Tried verifying it via various ways mentioned below it all seems to be fine.


spctl -a -t open --context context:primary-signature -v DCM.dmg

DCM.dmg: accepted


codesign -v DCM.dmg && echo SIGNED!

SIGNED!

source=Developer ID


mac d2user$ spctl -a -t open --context context:primary-signature -v /Users/d2user/Perforce/cmabuild_MAC_CTF/depot/Common/ContentTransfer/buildenv/mac/DCM.dmg

/Users/d2user/Perforce/cmabuild_MAC_CTF/depot/Common/ContentTransfer/buildenv/mac/DCM.dmg: accepted

source=Developer ID


mac d2user$ spctl -a -t open --context context:primary-signature -v /Applications/DCMApp.app/

/Applications/DCMApp.app/: accepted

source=Developer ID


Any pointers will he highly useful.

Replies

Wondering if you have come up with a solution to this issue. I'm having a very similar problem--My certificate appears valid, the application seems to be signed correctly. But users are still getting the "identity of the developer cannot be confirmed" error.