How do you sign your Firefox extensions?

I've used the comodo certificate to sign XPIs. It was the cheapest option at the time.

I've written a few posts on the XPI Format and a howto for signing using a java commandline tool.

My tool XPISigner simplifies the process considerably and is integratable into build systems.

I've removed the tool as it no longer works with FF4 or higher. Source is available on http://code.google.com/p/xpisigner/ if anyone feels like fixing.


Avoid the GoDaddy codesigning certs as the necessary intermediate CA certificate isn't in Firefox by default. C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\,Inc.,OU=http://certificates.godaddy.com/repository,CN=Go Daddy Secure Certification Authority,SERIALNUMBER=07969287'

If you sign with it your users will get signing errors with it.

e.g.

SIgning could not be verified. -260