Macos Mac OS X 10.9.5中已签名的.mpkg文件在Mac OS X 10.10.1中安装时显示为未签名

我有一个myFile.mpkg文件，并在Mac OS X 10.9.5中使用命令行实用程序productsign和以下命令对其进行了签名：

productsign --sign "Developer ID Installer: MyDeveloperInstallerId" myFile.mpkg 
mySignedFile.mpkg

spctl -a -t exec -vv mySignedFile.mpkg

运行命令时的输出如下所示：

productsign: preparing "myFile.mpkg" for signing...
productsign: Using timestamp authority for signature
productsign: Wrote signed product archive to mySignedFile.mpkg

然后，为了验证我的文件是否已签名，我运行了以下命令：

pkgutil --check-signature mySignedFile.mpkg

结果是：

Package "mySignedFile.mpkg":
Status: signed by a certificate trusted by Mac OS X
Certificate Chain: etc...

mySignedFile.mpkg: rejected
source=obsolete resource envelope

然而，当我试图将我的签名文件安装到Mac OS X 10.10.1时，出现了以下消息：

 mySignedFile.mpkg can't be opened because the identity of the developer cannot be 
 confirmed

知道为什么会这样吗？签字过程中有什么问题吗

[更新]

找到这个

并运行以下命令：

productsign --sign "Developer ID Installer: MyDeveloperInstallerId" myFile.mpkg 
mySignedFile.mpkg

spctl -a -t exec -vv mySignedFile.mpkg

结果是：

Package "mySignedFile.mpkg":
Status: signed by a certificate trusted by Mac OS X
Certificate Chain: etc...

mySignedFile.mpkg: rejected
source=obsolete resource envelope

这意味着我的包将在10.9.5（OSX Mavericks）/10.10（OSX Yosemite）或更高版本被Gatekeeper拒绝

我还检查了签名的版本，发现了一些奇怪的东西：

codesign -dvvv mySignedFile.mpkg

Executable=mySignedFile.mpkg/Contents/distribution.dist
Identifier=mySignedFile
Format=installer package bundle
CodeDirectory v=20200 size=183 flags=0x0(none) hashes=1+3 location=embedded
Hash type=sha1 size=20
CDHash=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Signature size=7589
Authority=Developer ID Application: My Company
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=Jan 14, 2015, 13:08:13 pm
Info.plist=not bound
TeamIdentifier=XXXXXXXXX
Sealed Resources version=2 rules=4 files=2
Internal requirements count=1 size=200

Info.plist代替entries=一个数字等于not bound