Hi! > > We run our own PKI and use > > || force_bool_pref("app.update.cert.requireBuiltIn", false); > > in integrator to allow updates from our site. > > Thanks, but still no success. I added this line to my 10.0.1 integrator > xpi and update it manually. It is set according to my configuration. But > the missing connector plugin is not updated (same error message as > before: certificate is not builtin). This is tested on a windows > machine. I will test this in linux as well. > > in my web server log I can see that thunderbird runs > "GET /plugins/SOGo/sogo-connector-10.0.1.xpi HTTP/1.1" > and the plugin is there. > > Are there any other settings to be done? You probably added the directive to the wrong place, then? Forced preferences should go to chrome/defaults/preferences/site.js You could add some more prefs to get automatic updates and TB updates as well (but most of them are the default anyways): || force_bool_pref("extensions.update.auto", true); || force_bool_pref("extensions.update.enabled", true); || force_bool_pref("app.update.silent", true); || force_bool_pref("app.update.enabled", true); || force_bool_pref("app.update.auto", true); || force_int_pref("app.update.mode", 1);
Hope, this helps. Ah, and one more thing: intermediate(*) CAs need to be either in TB cert store or in the cert chain the web server presents to the client... -- Adi (*) just in case you're using a root ca that issued a web server ca that is used to sign server certificates. But if you're running your own pki you most probably know what you're doing... ;-) -- users@sogo.nu https://inverse.ca/sogo/lists