tags:

views:

219

answers:

2
Q: 

XPI signing linux no gui

I'm trying to sign an XPI on linux (no gui) using the NSS cert db (cert8.db and key3.db) i copied from another server of mine, on which I can sign XPI's just fine.

On the new box I can sign with a brand new test certificate ok, but when i try to use the old cert db, it complains with:

signtool: PROBLEM signing data (Unknown issuer)

Certutil lists the cert im trying to use with a * and the CA is present in there as well.

Is this cert db transferable between computers like this? Or are there any other files I have to setup?

TIA Mike

+1  A: 

im not sure if this is what you need, but here it is: http://www.mercille.org/snippets/xpiSigning.php

John Boker  2008-09-28 21:26:25
another link: https://www.mozdevgroup.com/docs/pete/Signing-an-XPI.html
Adam Bernier  2009-06-11 04:52:31
+1  A: 

If the certificate chain has an intermediate CA that also needs to be there.

NSS is rather picky when it comes to the chain and also needs the certs to have been marked as trusted.

koregan  2008-12-10 11:45:39

related questions

What are Delay Signed Assemblies?
Why do I get Cryptography_CSP_NoPrivateKey when using IIS but not when using VS development server?
iPhone Provisioning: Is keychain is inserting wrong email address into the CSR?
Windows Installer: Signing Transforms
VS2008 Usage of Strong Name Keys in multiple projects
Signing in Visual Studio 2005 - error using existing .pfx
How do you sign an assembly that was generated by an ILMerge operation?
API/Library to replace signtool.exe
Which type of key .NET assemblies uses for signing and how to create it?
What type of X509 Certificate to use for XML Signature?
What is the difference between encrypting and signing in asymmetric encryption?
Programmatic Signing of Native Windows Mobile Apps
J2ME and (open source) applet signing for Mobile Devices (esp. phones) - what can I do?
Is it possible to restrict the number of copies which can be printed from a PDF?
ClickOnce installations
How to fix "Referenced assembly does not have a strong name" error (VS2005)
How do you package and self host your Firefox extensions?
How can I get a 64 bit USB driver to load in Vista 64.
How to avoid the (Author not verified) message when installing a Firefox XPI file
Hardware Acceleration for non-SSL based signing and encryption.
Can i update a signed jar using an ANT Task?
How do I sign a Java applet using a certificate in my Mac keychain?
Java Applet - Partially Signed?
Best practices for signing .NET assemblies?