Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Problem with local installation of signed XPI

  • 6 replies
  • 2 have this problem
  • 1 view
  • Last reply by jfix

more options

Hello, I have created an extension and signed it with this command (on a Mac):

$ jpm sign --api-key [apikey] --api-secret [apisecret]

It is unlisted on AMO, but the XPI itself is available here:

https://github.com/jfix/adestra-extensions/releases/download/v3.0.1/oecddirect-3.0.1-fx.xpi

Within our organisation we would like to install this extension on users' computers (all Windows 7). We've been looking at the official documentation here:

https://developer.mozilla.org/en-US/docs/Archive/Mozilla/Adding_extensions_using_the_Windows_registry https://developer.mozilla.org/en-US/Add-ons/Installing_extensions https://mike.kaply.com/2012/02/09/integrating-add-ons-into-firefox/

However, whatever we tried, the extension is disabled (see attached screenshot). We tried to change the `xpinstall.signatures.required` to `false` which enabled it but still said something about the extension not being verified.

The Firefox version used is 45. Windows 7.

Hello, I have created an extension and signed it with this command (on a Mac): $ jpm sign --api-key [apikey] --api-secret [apisecret] It is unlisted on AMO, but the XPI itself is available here: https://github.com/jfix/adestra-extensions/releases/download/v3.0.1/oecddirect-3.0.1-fx.xpi Within our organisation we would like to install this extension on users' computers (all Windows 7). We've been looking at the official documentation here: https://developer.mozilla.org/en-US/docs/Archive/Mozilla/Adding_extensions_using_the_Windows_registry https://developer.mozilla.org/en-US/Add-ons/Installing_extensions https://mike.kaply.com/2012/02/09/integrating-add-ons-into-firefox/ However, whatever we tried, the extension is disabled (see attached screenshot). We tried to change the `xpinstall.signatures.required` to `false` which enabled it but still said something about the extension not being verified. The Firefox version used is 45. Windows 7.
Attached screenshots

All Replies (6)

more options

Try to ask advice at the Add-ons forum website.

more options

I'm pretty sure Firefox wants the extension to be signed by the Mozilla Add-ons team's private key.

more options

Locally installed extensions probably only work properly if they had a full review and have SIGNEDSTATE_SIGNED (2). You can find the state in the extensions.json file.

SIGNEDSTATE_MISSING: 0 - Add-on is unsigned
SIGNEDSTATE_PRELIMINARY: 1 - Add-on is preliminarily reviewed
SIGNEDSTATE_SIGNED: 2 - Add-on is fully reviewed
SIGNEDSTATE_SYSTEM: 3 - Add-on is system add-on
more options

Thanks @jscher2000 and @cor-el for your replies. I take it, looking at them, that the signing process I used (jpm sign --api-key [...] --api-secret [...]) is not sufficient. Looking at the extensions's listing, it is only "preliminarily reviewed". I didn't know I needed more.

Now, obviously, my next question: How can I get a "full review" in order to move up to signedstate 2?

Thank again so far!

Modified by jfix

more options
more options

For reference, I have opened a thread, as suggested, here: https://discourse.mozilla-community.org/t/how-to-request-a-in-depth-review-of-my-addon/8332