Hi!
> > We run our own PKI and use
> > || force_bool_pref("app.update.cert.requireBuiltIn", false);
> > in integrator to allow updates from our site.
>
> Thanks, but still no success. I added this line to my 10.0.1 integrator
> xpi and update it manually. It is set according to my configuration. But
> the missing connector plugin is not updated (same error message as
> before: certificate is not builtin). This is tested on a windows
> machine. I will test this in linux as well.
>
> in my web server log I can see that thunderbird runs
> "GET /plugins/SOGo/sogo-connector-10.0.1.xpi HTTP/1.1"
> and the plugin is there.
>
> Are there any other settings to be done?
You probably added the directive to the wrong place, then? Forced
preferences should go to chrome/defaults/preferences/site.js
You could add some more prefs to get automatic updates and TB updates as
well (but most of them are the default anyways):
|| force_bool_pref("extensions.update.auto", true);
|| force_bool_pref("extensions.update.enabled", true);
|| force_bool_pref("app.update.silent", true);
|| force_bool_pref("app.update.enabled", true);
|| force_bool_pref("app.update.auto", true);
|| force_int_pref("app.update.mode", 1);
Hope, this helps.
Ah, and one more thing: intermediate(*) CAs need to be either in TB cert store
or in the cert chain the web server presents to the client...
-- Adi
(*) just in case you're using a root ca that issued a web server ca that
is used to sign server certificates. But if you're running your own pki
you most probably know what you're doing... ;-)
--
users@sogo.nu
https://inverse.ca/sogo/lists
