We use a command line based build system (ninja) instead of Xcode so we are signing from the command line. I have signed up for the paid developer account and created the certificates. The certs are imported into my Keychain and have the "Developer ID Application:.."
We build our application and package everything into a .app package. I use the following command line to sign the app package:
cert_name='Developer ID Application: XXXXXXXXXXXX, LLC (XXXXXXXXXXXX)'
codesign --signature-size=12000 --verbose --deep -s "$cert_name" "$mount_name/DREAM3D/DREAM3D.app"
We then create a dmg disk image and post it to an internal web server. We have Safari download it and quarantene it.
We enable GateKeeper via sudo spctl --master-enable
We mount the downloaded disk image, copy the .app to the /Applications folder and double click the .app.
We get the dialog box that says the developer is unidentitified.
What am I doing wrong?