CA of Signed XPI
Posted: Wed Dec 29, 2010 10:17 pm
2 Part question about the signed XPI of NoScript
1.) Who did you get the signing certificate from to sign the XPI
2.) What CA Certificate(s) is needed for it to show up as trusted in the browser
Asking for multiple reasons. I'm having a heck of time finding a CA that issues certificates for this that require no additional certificates besides the default certificates that are included in the browser. It appears you have done this as it shows as signed (InformAction) as opposed to author not verified. I would like to know this so I may user that service for my own extensions.
I also would like to know to make sure that we do not take out that CA certificate your extension uses in our environment so that people can use your extension. If that certificate is removed and the XPI is signed, install will fail, which is ironic because a non-signed XPI will still install fine.
Thanks, you may reply privately to rdisiena@hotmail.com if you wish.
1.) Who did you get the signing certificate from to sign the XPI
2.) What CA Certificate(s) is needed for it to show up as trusted in the browser
Asking for multiple reasons. I'm having a heck of time finding a CA that issues certificates for this that require no additional certificates besides the default certificates that are included in the browser. It appears you have done this as it shows as signed (InformAction) as opposed to author not verified. I would like to know this so I may user that service for my own extensions.
I also would like to know to make sure that we do not take out that CA certificate your extension uses in our environment so that people can use your extension. If that certificate is removed and the XPI is signed, install will fail, which is ironic because a non-signed XPI will still install fine.
Thanks, you may reply privately to rdisiena@hotmail.com if you wish.