We have a Java Application with an embedded JRE. It is distributed as a DMG File.
After signing this DMG file, including nested context using the --deep flag, the check of the signature using codesign command is successful.
The Upload to the notarisation service is also successful.
The result of the notarisation is “Your Mac software was not notarized.” The reason logged in the report is that the JRE is not signed.
We are using AdoptOpenJDK current 1.8 version. But tests with java 11 also led to the same result.
Checking the notarisation documentation did not bring new findings.
Is there anything else to do when notarisation an application like ours?