Code-signing and Notarization Accepted, but Stapler Fails with Error 65

Hello Apple Developer Community,

I’m encountering an issue where my macOS app (signed with a valid ‘Developer ID Application’ certificate and accepted by Apple’s notary service) fails when I attempt to staple the notarization ticket. The Apple notary service reports ‘Accepted’ each time, but xcrun stapler staple always returns Error 65, with the local check (spctl -a -vvv) showing ‘Unnotarized Developer ID.’

Here are some key points:

1. Certificate: I have a valid ‘Developer ID Application’ certificate (unexpired) in my login and system keychains, with Apple’s intermediate certificates also installed and set to System Defaults or Always Trust.
2. Notarization: Regardless of whether I submit a .zip of the .app or the final .dmg for notarization, notarytool reports ‘Accepted.’
3. Stapling: xcrun stapler staple (or notarytool staple) on the exact file I uploaded fails with Error 65, claiming it can’t validate the downloaded ticket.
4. Environment Checks:
   • Checked for duplicate or outdated certificates—only one Developer ID remains.
   • Repeated on multiple code-signed builds (both .app and .dmg) with the same result.
   • Manually tested code-signing the .app with entitlements (for the hardened runtime) and then signing the .dmg without entitlements.
5. Logs: The relevant excerpt from stapler indicates “Could not validate ticket for [app]. The staple and validate action failed! Error 65,” even though Apple’s notary service claims success.

Could you please advise any additional troubleshooting steps or possible causes for local validation failure after a successful notarization? I’ve already ensured the environment is up to date with valid intermediates, only one Developer ID certificate. Any insight on diagnosing ticket mismatch or known tool bugs with Error 65 would be appreciated.

Thank you!