Snippets code from my daily experience

September 19, 2011

Signing extensions, McCoy, Spock, Uhura and private keys

Filed under: Uncategorized — dafi @ 6:15 pm

I’ve written many extensions in these years and not all are present on AMO, many extensions are hosted on customers servers and are updated using signed update.rdf files.

Production environments require automated tasks to create and maintain update and I’ve always used command line tools to pack XPI files and generate corresponding update.rdf files.

I’ve always used McCoy + Spock on from linux boxes to achieve these results.

A customer asked me to migrate the env from Ubuntu 64bit to OSX Lion so I’ve decided to drop Spock in favor of Uhura that uses only Perl scripts to sign extensions and doesn’t need a McCoy profile.

The problem was to migrate private keys generated with McCoy and use them with Uhura, the binary version (v0.5) available from McCoy web page doesn’t allow to export private keys but the code present on mercurial has this feature

 hg clone

so I’ve compiled it and exported all my private keys in a couple of minutes.

Ok a couple of minutes plus 6/7 hours to compile McCoy, the Mozilla build process is documented very very well but I’m lazy and stupid so compiling McCoy and Mozilla necessary files required me a bit of time.

If you need to export private keys from McCoy you can download my compiled version for Linux i686 from here, if you need a version for Windows or OSX I’m sorry but you must compile yourself.


Blog at

%d bloggers like this: