Mac distribution certs

I tried with a package signed with the Mac Installer Distribution cert. It seems to install without issue.

In general the Mac only does a proper signing check when the software is quarantined [1]. When testing software that you plan to distribute independently, I recommend that you follow the process described in Testing a Notarised Product.

what are the benefits / advantages of using the Developer ID certs?

They are the only way to sign products that you distribute outside of the Mac App Store without forcing the user to bypass Gatekeeper.

ps For a bunch of info about Mac signing and distribution, see the Code Signing Resources post and the various other posts it links to.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

[1] Although this behaviour has changed in macOS 13 beta. See WWDC 2022 Session 10096 What’s new in privacy for the details (starting at 04:32).

Does it make any difference if the app will be published in the AppStore, but also need to be packaged for distribution outside of the store, for example for MDM systems that do not support AppStore macOS apps? Would the package signed with Mac Installer Distribution cert work? Or do we need to use the Mac Installer Distribution cert for store publishing, and Developer ID Installer cert for distribution outside of the store?