> D:\sources\Signing Tools\NSS Tools>signtool -d CA -k > "0d7de953-f681-4250-bece-f7 > cabfd288c8" Addin
Is that really the complete command line you used to create the signed extension? How did you create the XPI archive? I suggest you use "-X -Z myextension.xpi" with signtool, this will create a correct XPI file (META-INF/zigbert.rsa must be the first file in the XPI archive, this might be the problem in your case). > D:\sources\Signing Tools\NSS Tools>signtool -d CA -w Addin\extension.xpi > using certificate directory: CA > > Signer information: > > nickname: 0d7de953-f681-4250-bece-f7cabfd288c8 > subject name: CN=Medialive,OU=SECURE APPLICATION > DEVELOPMENT,O=Medialive,L=Paris > ,ST=France,C=FR > issuer name: CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA > ---------------------------------------------------------------------------------------------------------------------- This looks good, Thawte code signing certs should actually work with a default configuration of the NSS builtin roots. Kaspar _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto