Dear list members, I'm trying to sign an XPI with a certificate with the GTE Cybertrust Global Root CA at the top of the certificate chain. The chain looks as follows: [Root CA]-[Primary CA]-[Code Signing CA]-[Signing certificate], and we want the GTE on certificate on top because it's one of Firefox's built-in certificates.
When I try to install the XPI in Firefox (v1.5/v2), I get the "Signing could not be verified (-260)" error. When I replace the GTE Cybertrust Global Root CA with our own Root CA certificate in the chain, and I install our Root CA certificate explicitly in Firefox, it works as expected. The difference between our Root CA certificate and the GTE one, is the fact that ours is a version 3 certificate while GTE's is version 1. Other signed XPI's I downloaded from the Internet all seem to point to a level 3 root certificate. Has anyone experienced similar issues or can anyone point me in another direction, because I'm running out of inspiration real fast here. Thanks, Robby _______________________________________________ dev-tech-xpinstall mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-xpinstall
