Downloaded our OS X client from www.cendio.se on out Mac OS X 10.10 client. The GateKeeper prevent running the application. Verified that package was signed using `codesign -v`...
Also verified that GateKeeper was configured to allow apps from identified developers.
"You can also use the spctl tool to check if Gatekeeper will accept
your app's signature. spctl is a command-line interface to the same
security assessment policy subsystem that Gatekeeper uses."
$ spctl -a -t exec -vv Foo.app
lab-42:~ admin$ spctl -a -t exec -vv /Volumes/ThinLinc\ Client\ 1/ThinLinc\ Client.app
/Volumes/ThinLinc Client 1/ThinLinc Client.app: accepted
origin=Developer ID Application: Cendio AB (PHUT6TWL4H)
Sep 8 13:33:55 lab-42.lkpg.cendio.se CoreServicesUIAgent: Error -60005 creating authorization
Sep 8 13:33:55 lab-42.lkpg.cendio.se CoreServicesUIAgent: File /Volumes/ThinLinc Client 1/ThinLinc Client.app/Contents/lib/tlclient/pulseaudio failed on loadCmd /opt/thinlinc/lib/libpulsecore-4.0.dylib
Sep 8 13:33:55 lab-42.lkpg.cendio.se CoreServicesUIAgent: Fails dylib check
This is mentioned here:
"Gatekeeper Changes in OS X v10.10.4 and Later"
Note: The changes in this section also apply to OS X v10.9.5 if Security Update 2015-005 Mavericks has been installed.
The changes in this section also apply to OS X v10.8.5 if Security Update 2015-005 Mountain Lion has been installed."
Tested signing tl-4.4.0post_4895-client-osx.iso, seems to work fine.
Verified that my test signed iso worked as expected.