OK. So I have my Netscape 6.2 plugin and I created a cool .xpi for it so
the user can install it. And I've got the VeriSign ID and the signtool.exe
(1.3). Now, how do I sign the plugin? I tried running the signtool.exe to
build the .xpi (since its just a zip file) but there doesn't seem to be any
checking of the file(s) during the install.
As an experiment, I 'corrupted' one of the files in the .xpi file so that
signtool -v showed it had modified ('failed hash checking' or something like
that). Then I ran the InstallTrigger.install() code in my install.js file
and it never told me anything was wrong. It never indicated the plugin was
signed or not.
Is there a way to sign a .xpi file?
David Wendt
