Add-ons/Extension Signing: Difference between revisions

Add-ons/Extension Signing (view source)

Revision as of 13:09, 24 December 2021

16 bytes removed , 24 December 2021

Remove obsolete information about hotfix; fix link

Robwu

44

edits

@@ Line 59: / Line 59: @@
 === Signing of special add-ons ===
-There are three special cases of add-ons developed by Mozilla: System add-ons, Mozilla Extensions and Hotfixes.
+There are three special cases of add-ons developed by Mozilla: System add-ons and Mozilla Extensions.
 * If the add-on is a system add-on, the Organizational Unit (OU) of the end-entity certificate must be set to "Mozilla Components".
 * If the add-on is a Mozilla Extension, the OU of the EE cert must be set to "Mozilla Extensions".
-* If the add-on is a hotfix, the add-on ID must match the pref `extensions.hotfix.id` (currently `firefox-hotfix@mozilla.org`) and the public key hash of the end-entity cert must match the fingerprints set in `extensions.hotfix.certs.1.sha1Fingerprint` or `extensions.hotfix.certs.2.sha1Fingerprint`.
 * If the add-on is signed with the staging root, in Nightly you need to set the pref `xpinstall.signatures.dev-root = true` to tell Firefox to verify it
 refs:
 * https://searchfox.org/mozilla-central/source/toolkit/mozapps/extensions/internal/XPIProvider.jsm
-* https://developer.mozilla.org/en-US/docs/Signing_a_XPI
+* Out-dated information about how XPIs were signed in the past: https://web.archive.org/web/20200105223104/https://developer.mozilla.org/en-US/docs/Archive/Add-ons/Signing_an_XPI
 == Documentation ==
@@ Line 74: / Line 73: @@
 * [https://blog.mozilla.org/addons/2015/04/15/the-case-for-extension-signing/ The Case for Extension Signing], Add-ons Blog.
 * [https://bugzilla.mozilla.org/show_bug.cgi?id=signed-addons Main tracking bug].
+* [https://extensionworkshop.com/documentation/publish/signing-and-distribution-overview/#distributing-your-addon Signing and distributing your add-on], Extension Workshop.
 == Timeline ==