> I was under the impression that this wasn't Cesar's primary goal, since > he previously wrote that "I am trying to understand certificate > authorities and how the process goes". > > So, for educational purposes, such a cert will do the trick. On the > other hand, if the XPI file should be distributed to a larger audience, > then of course you're perfectly right that a cert signed by a DIY CA is > pretty useless. > > Kaspar
That's 100% correct. This is just for me trying to understand the process. I am not actually going to distribute the certificate myself. Thanks to Kaspar and http://certs.mozdev.org/, I have finally been able to make this all work now. I was missing the certificate extensions. But that didn't still work, so I followed what was on the website and that seems to work (I created my CA with -G, and the website above suggested something else). More importantly then getting it working, you explaining why I need extensions brought me a better understanding of why previous attempts failed. Thank you, and everyone else for your help. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
