15 messages in org.mozilla.lists.dev-extensionsRe: FF3RC1: An error occurred while t...
FromSent OnAttachments
lega...@gmail.com19 May 2008 06:26 
John J. Barton19 May 2008 07:52 
Eric H. Jung19 May 2008 09:58 
Dave Townsend19 May 2008 10:08 
lega...@gmail.com19 May 2008 22:43 
Mook19 May 2008 22:55 
John J. Barton20 May 2008 07:22 
Mike Shaver20 May 2008 09:12 
Eric H. Jung20 May 2008 09:14 
Nils Maier20 May 2008 11:20 
Mook22 May 2008 21:49 
Mike Shaver23 May 2008 07:52 
Mook26 May 2008 04:35 
Demiao Lin27 May 2008 01:47 
Eric H. Jung27 May 2008 08:37 
Subject:Re: FF3RC1: An error occurred while trying to find updates
From:John J. Barton (john@johnjbarton.com)
Date:05/20/2008 07:22:45 AM
List:org.mozilla.lists.dev-extensions

lega@gmail.com wrote:

On May 19, 7:58 pm, "Eric H. Jung" <eric@yahoo.com> wrote:

----- Original Message ----

From: "lega@gmail.com" <lega@gmail.com> P.S. local.site.com - is a local site (Apache 2.0) with self-signed certificate.

AFAIK, you cannot use self-signed certificates. You need a cert that has a valid
chain to a root CA.

May be I can solve this problem by moving my extension to addons.mozilla.org?

Another alternative is to use signed updates rather than https. The extension is shipped with a public key. When the update.rdf is downloaded by Firefox, its signature is checked by Firefox. If that check succeeds, then Firefox downloads the update and computes its hash to prevent attacks during download.

Here are the steps as I remember them: 1. Use mccoy http://developer.mozilla.org/en/docs/McCoy to put a public key string into your install.rdf. 2. build your XPI zip file, including the install.rdf from #1. 3. Compute the SHA256 hash of the XPI file (a string), put this updateHash in your update.rdf 4. Use mccoy to sign the update.rdf with the key from #1.

This is more complex than using addons.mozilla.org, but also more flexible.

John.