User Profile

Hello folks, I am practically at my wits end here and I think I have searched high and low and can't find any definitive steps or answers that can point me in the right direction. My team is working on a command line executable tool that is written in C. We have built the code on Mac OS 11.5 using our internal tools (no Xcode unfortunately) and are able to test and verify everything works. Now comes the hard part of signing and notarizing the tool so it can be distributed to our end users. I have figure out how to sign the executable and add some entitlements, the problem I have now is the notarization. Currently the tool is bundled in a dmg with the structure shown below. I ran the xcrun altool to notarize the dmg and after a couple hours it was successful. I was able to staple the ticket to the dmg but I don't see a way to staple the ticket to the tool itself (Stapling is not supported for mach-O binaries). I was able to mount the dmg but when I click on the installer script or the executable, I get the dreaded gatekeeper warning that the developer cannot be confirmed. Anyone know any guides I can follow to get this application bundled and notarized and signed properly so my end users don't get hassled by gatekeeper? Any help is greatly appreciated. Dmg structure: DMG |----- Folder | |----- dylib files | |----- command line tool | |----- installer script (copies dylibs to /usr/local/lib and copies command line tool to /usr/local/ path and adds to PATH % xcrun stapler staple clitool.dmg Processing: Downloads/Payload/clitool.dmg Processing: Downloads/Payload/clitool.dmg The staple and validate action worked!