I've been using productsign with a Developer ID Installer certifcate for some time, but when signing a recent pkg build I found that I could no longer open it on macOS 10.6. I tried signing the same pkg under a VM macOS 10.12 and the resulting signed pkg was again compatible with macOS 10.6.
The error I see on 10.6 is:
Jan 11 12:01:45 macos-snow-leopard-server Installer: Failed to verify data against certificate. Jan 11 12:01:45 macos-snow-leopard-server Installer: Invalid Distribution File/Package
I assume something changed with productsign on the release of macOS Mojave and my guess is it will no longer work prior to when GateKeeper was added. I've not been able to find any reference to changes elsewhere.
Is any one aware of what exactly changed, and ideally a workaround so I don't have to load up a VM every time I do a build.
You are going to have certificate problems on anything before 10.9. Those old OS versions may not work with some modern certificates.