Ask a Question

Solution ID : SO16126

Error -260 when trying to run a signed XPI application

Problem

Firefox does not recognize the Thawte Code Signing CA - G2 issued by the Thawte Primary Root CA as valid for XPI signing.
When checking applications signed, Error -260 gets received

Cause

In order to run a signed XPI successfully, the root that signs the Thawte Primary Root CA needs to have "This certificate can identify software makers" enabled. With our Thawte Primary Root Ca, this is not the case currently. We have opened a case with Mozilla to have this done.
 

Solution

In order to resolve the Error -206, perform the following steps:
 
1. On the machine that you're doing the signing from, remove the Thawte Code Signing CA - G2 (issued by the Thawte Primary Root CA), as well as the Thawte Primary Root CA (issued by the Thawte Premium Server CA)
 
2. Attached is another version of the Thawte Code Signing CA - G2, this one issued directly by the Thawte Premium Server CA. Download and install this one to the machine you're doing the signing from. This will resolve your issue.