We have macOS application that consists of a plugin and app. App uses a few third party frameworks. To deliver app to customers we also have a pkg file. To create pkg file we use Packages app.
We want pkg file to be notarized using a shell script. If necessary also .app and .plugin should be notarized automatically. .app and .plugin can be also compiled using script or you can use release-builds manually compiled with Xcode.
We can upload pkg to Apple for notarization but it fails with errors:
"message": "The binary is not signed with a valid Developer ID certificate." - this happens for .app and third party frameworks inside app
"message": "The signature does not include a secure timestamp." - for same files as previous.
We can get .app notarized when using XCode organiser so we probably have all needed certificates etc.
Environment: macOS 10.15.4, Xcode 11.4.
Only apply if you have previous experience in notarization.