After hours of reading and scouring the web for information I was able to get the certificate converted and imported into my firefox cert database. I then downloaded NSS 3.9 and NSPR 4.4.1. I have spent the last few hours signing my files over and over again just for mozilla and firefox to say they are not signed.
Ok, the XPI file is as follows
psitoolbar.jar (which contains a contents folder with the xul and js files in it).
install.js
I have created it many ways. First I tried creating the psitoolbar.jar by
signtool.exe -d "c:\path\to\my\firefox\profile" -k "PSI" -i "psitoolbar/install.js" -p "mypassword" -Z psitoolbar.jar contents
then I moved the psitoolbar.jar into the psitoolbar folder that also contains install.js. I then run something along the lines of this:
signtool.exe -d "c:\path\to\my\firefox\profile" -k "PSI" -i "psitoolbar/install.js" -p "mypassword" -Z psitoolbar.xpi psitoolbar
->
using certificate directory: c:\path\to\my\firefox\profile
Generating psitoolbar/META-INF/manifest.mf file..
--> install.js
adding psitoolbar/install.js to psitoolbar.xpi...(deflated 53%)
--> psitoolbar.jar
adding psitoolbar/psitoolbar.jar to psitoolbar.xpi...(deflated 6%)
Generating zigbert.sf file..
adding psitoolbar/META-INF/manifest.mf to psitoolbar.xpi...(deflated 28%)
adding psitoolbar/META-INF/zigbert.sf to psitoolbar.xpi...(deflated 35%)
adding psitoolbar/META-INF/zigbert.rsa to psitoolbar.xpi...(deflated 24%)
tree "psitoolbar" signed successfully
Then to verify I run
signtool.exe -d "c:\path\to\my\firefox\profile" -k "PSI" -i "psitoolbar/install.js" -p "mypassword" -w psitoolbar.xpi
->
using certificate directory: c:\path\to\my\firefox\profile
Signer information:
nickname: PSI
subject name: L=Osceola,ST=Wisconsin,C=US,OU=Web Dept,O=PhotoSource International,CN=PhotoSource International
issuer name: CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA
after that I run the verify and get back
using certificate directory: c:\path\to\my\firefox\profile archive "psitoolbar.xpi" has passed crypto verification.
status path
------------ -------------------
verified install.js
verified psitoolbar.jarWhen I try to install it in firefox or mozilla they both say it's unsigned. I've tried many ways of doing this. I've not signed the psitoolbar.jar and just had it signed when I created the psitoolbar.xpi. I've tried tons of naming conventions, even designating the install script with the -i option and always end up at the same point. Signtool tells me it's all signed but Mozilla and Firefox say it's not signed.
Can anyone help me?
Jeff Klawiter Webmaster PhotoSource International _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
