I have a .pkg that I created to distribute my company's software, but when they download it from other mac it says "It can not be opened because it comes from an unidentified developer", the pkg is signed with a valid certificate of the type App Store Installer with the tool productsign , the certificate appears correctly in the upper right part of the .pkg and is valid, opens without any problem, except when you download it from the internet, is there any other way to sign or avoid that?
What I did was change the certificate type to one of the Developer ID Installer type:
EYE: Only the Team Agent can create this type of certificate, if not You are the Team Agent, even if you are an Admin user, you can not create it, communicate with your Team Agent and send your CSR file so you can generate the certificate.
Once this is done, double-click the certificate (previously downloaded) to add it to Keychain Access and proceed to sign your .pkg with the productsign (1) tool as follows (Terminal):
productsign [options] --sign identity input-product-path output-product-path
Example:
productsign --sign "Nombre de tu Certificado en Keychain Access" ruta-de-entrada-al-pkg ruta-de-salida-al-pkg