Apple Developer CLI

Gatekeeper Settings: As I mentioned earlier, macOS has a feature called Gatekeeper that prevents users from opening applications from unidentified developers. By default, Gatekeeper is set to allow applications downloaded from the App Store and identified developers only. If your application is not signed by an identified developer, you may need to adjust your Gatekeeper settings to allow it to run. What do you mean by identified developer?

An identified developer is a developer or a software company that has registered with Apple's Developer Program and has been issued a digital certificate by Apple. This certificate allows them to sign their applications, indicating that they have been verified by Apple and are from a trusted source. When a user tries to open an application that is signed by an identified developer, Gatekeeper checks the application's digital signature to ensure that it has not been tampered with or modified since it was signed. If the digital signature is valid, Gatekeeper allows the application to run.

Can I use a Sectigo Comodo cert?

Yes, you can use a Sectigo (formerly known as Comodo) digital certificate to sign your macOS applications, which will help to identify you as a trusted developer and allow your application to run on macOS with the default Gatekeeper settings.

To sign your macOS application with a Sectigo digital certificate, you need to first obtain a code signing certificate from Sectigo. Once you have the certificate, you can use the codesign command-line tool provided by Apple to sign your application with your certificate.

Keep in mind that before your application can run on macOS with the default Gatekeeper settings, your certificate must meet certain requirements, including being issued by a trusted certificate authority, being valid and not expired, and including an Apple Developer ID extension. Make sure to follow the instructions provided by Sectigo carefully and verify that your certificate meets these requirements before attempting to sign your application.

And including an Apple Developer ID extension?

Yes, including an Apple Developer ID extension in your Sectigo digital certificate is necessary if you want your signed application to run on macOS with the default Gatekeeper settings.

Apple Developer ID is a type of digital certificate that allows developers to sign their applications with an extension that identifies them as a trusted developer. This extension is included in the digital certificate and is checked by Gatekeeper when a user tries to open the signed application. If the extension is missing or invalid, Gatekeeper may prevent the application from running.

To include an Apple Developer ID extension in your Sectigo digital certificate, you need to obtain the certificate from Apple's Developer Program and follow the instructions provided by Apple to create a Developer ID certificate request. You can then submit this request to Sectigo to obtain a Developer ID code signing certificate that includes the Apple Developer ID extension. Once you have the Developer ID certificate, you can use it to sign your macOS application with the codesign command-line tool.

Will this be solved by Apple ID? Notarization: Starting with macOS Catalina, Apple requires all software distributed outside the App Store to be notarized, which involves submitting the software to Apple for scanning and approval. If your application is not notarized, it may trigger a warning message on macOS ARM64 (M1). To notarize your application, you'll need to sign in to your Apple Developer account and use the Xcode or command-line tools to upload your application to Apple's notarization service.

No, including an Apple Developer ID extension in your digital certificate is separate from notarization, and having an Apple ID alone is not sufficient to meet the requirements for Gatekeeper settings.

Notarization is an additional step that Apple introduced with macOS Catalina to further enhance the security of macOS by requiring all software distributed outside the App Store to be notarized. Notarization involves submitting your application to Apple for scanning and approval, which can help to prevent the distribution of malicious software on macOS.

If your application is not notarized, it may trigger a warning message on macOS ARM64 (M1) or may not run at all on macOS with the default Gatekeeper settings.

To notarize your application, you need to sign in to your Apple Developer account and use the Xcode or command-line tools to upload your application to Apple's notarization service. Apple will then scan your application for malicious content and approve it if it meets their security standards.

So, if you want to distribute your application outside the App Store, you need to both include an Apple Developer ID extension in your digital certificate and notarize your application to ensure it runs on macOS with the default Gatekeeper settings.