I have landed the ability to sign an XPInstall.
This quick email is meant as a sneak preview of signing support. In the
next few weeks, I hope to work with the technical publications to
produce a more descriptive document regarding how you can sign your
xpinstall's. In the meantime, you can take a look at the testcases I
created here:
http://www.mozilla.org/projects/xpinstall/signed/testcases/index.html
In a nutshell, if you want to create your own, first take a look a the
signtool documentation here:
http://developer.netscape.com/docs/manuals/signedobj/signtool/
Assuming you have a directory named "test" containing your install
files, the following commands will produce a signed xpi that will work
with mozilla (this assumes that the signing cert's name is "dougt"):
signtool -d ./certs -kdougt test
cd test
zip test.xpi META-INF/zigbert.rsa
zip -r -D test.xpi * -x META-INF/zigbert.rsa
mv test.xpi ../
cd ..
What these commands do is ensure that the zigbert.rsa file is the first
file in the xpi file. If this file, isn't the first file in the
archive, the install will be treated as unsigned.
If this is all a mystery to you, I advise against attempting to create a
signed install � again this email is meant as a sneak peek and not a
developer doc.
Doug Turner
[EMAIL PROTECTED]
- Signed XPInstalls Doug Turner
- Re: Signed XPInstalls Doug Turner
- Re: Signed XPInstalls Doug Turner
