Hi, I created my first add-on, and now I want to sign it, so my friends can use it.
I don’t want to upload my extension to mozilla store.
When I run this command inside add-on folder: jpm sign --api-key ${user:*******:***} --api-secret ${**************************************************************}
i get this error:
> JPM [info] Created XPI for signing: C:\Users\STEFAN~1\AppData\Local\Temp\tmp-unsigned-xpi-5168BFT2GMmLtNlm\@ffe-1.0.0.xpi
> JPM [error] FAIL
> Error: Received bad response from the server while requesting https://addons.mozilla.org/api/v3/addons/%40ffe/versions/1.0.0/
> status: 401
> response: {"detail":"Unknown JWT iss (issuer)"}
> headers: {"allow":"GET, PUT, HEAD, OPTIONS","content-security-policy":"script-src 'self' https://addons.mozilla.org https://www.paypalobjects.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://ssl.google-analytics.com https://addons.cdn.mozilla.net; default-src 'self'; img-src 'self' data: blob: https://www.paypal.com https://ssl.google-analytics.com https://addons.cdn.mozilla.net https://static.addons.mozilla.net https://ssl.gstatic.com/ https://sentry.prod.mozaws.net; media-src https://videos.cdn.mozilla.net; style-src 'self' 'unsafe-inline' https://addons.cdn.mozilla.net; frame-src 'self' https://ic.paypal.com https://paypal.com https://www.google.com/recaptcha/ https://www.paypal.com; object-src 'none'; connect-src 'self' https://sentry.prod.mozaws.net; font-src 'self' https://addons.cdn.mozilla.net; report-uri /__cspreport__","content-type":"application/json","date":"Tue, 15 Mar 2016 22:27:05 GMT","server":"nginx","set-cookie":["multidb_pin_writes=y; expires=Tue, 15-Mar-2016 22:27:20 GMT; Max-Age=15; Path=/"],"strict-transport-security":"max-age=31536000","vary":"X-Mobile, User-Agent","www-authenticate":"JWT realm=\"api\"","x-content-type-options":"nosniff","x-frame-options":"DENY","x-xss-protection":"1; mode=block","content-length":"38","connection":"Close"}
> at C:\Users\stefanmarkovic\AppData\Roaming\npm\node_modules\jpm\lib\amo-client.js:92:13
> at tryCatchReject (C:\Users\stefanmarkovic\AppData\Roaming\npm\node_modules\jpm\node_modules\when\lib\makePromise.js:845:30)
> at runContinuation1 (C:\Users\stefanmarkovic\AppData\Roaming\npm\node_modules\jpm\node_modules\when\lib\makePromise.js:804:4)
> at Fulfilled.when (C:\Users\stefanmarkovic\AppData\Roaming\npm\node_modules\jpm\node_modules\when\lib\makePromise.js:592:4)
> at Pending.run (C:\Users\stefanmarkovic\AppData\Roaming\npm\node_modules\jpm\node_modules\when\lib\makePromise.js:483:13)
> at Scheduler._drain (C:\Users\stefanmarkovic\AppData\Roaming\npm\node_modules\jpm\node_modules\when\lib\Scheduler.js:62:19)
> at Scheduler.drain (C:\Users\stefanmarkovic\AppData\Roaming\npm\node_modules\jpm\node_modules\when\lib\Scheduler.js:27:9)
> at doNTCallback0 (node.js:419:9)
> at process._tickCallback (node.js:348:13)
What am I doing wrong? I just need to let my friends use this extension without using developer’s version of firefox or turning some safety flags off, so they can install it with simple XPI. Thanks in advance.