Alex,
Thank you for the latest build — I’ve downloaded it and something isn’t right with the code signing as I’m getting warnings. For some reason I’m also now getting the warning if I try to run the previous version. I have no idea why anything should have changed on the previous version or how I got it to work — but I’ve done some investigation on your latest package.
I think that it is being signed with your Mac Developer certificate. [ Mac Developer: Alexander Holupirek (ER9NUV223U) ]
I’m not expert on the developer certificates but I think that each application has to be signed with a Developer ID Application certificate.
Compare the result of testing another non-Mac App Store application:
jb8748$ spctl -a -vvvv ./Across\ Lite.app/ ./Across Lite.app/: accepted source=Developer ID origin=Developer ID Application: Literate Software LLC
with BaseX:
jb8748$ spctl -a -vvvv ~/Downloads/BaseX.app/ /Users/jb8748/Downloads/BaseX.app/: rejected origin=Mac Developer: Alexander Holupirek (ER9NUV223U)
A check with code sign [ codesign -d -vvv ~/Downloads/BaseX.app/ ] suggests that there is nothing wrong with the hashes or the signature. So it seems that it’s just that it’s signed with a certificate that isn’t accepted by Gatekeeper.
I think that a registered developer can obtain a Developer ID Application certificate — it’s just a request somewhere on the portal. Perhaps you have to have one per application which is why it’s different to your Mac Developer one?
It’s all a bit of a black art to me but I hope this helps!
Regards, James