Unable to deploy signed add-ons to Firefox 52.0.2 on macOS

Hi all.

I’m trying to deploy a few add-ons to a number of computers running macOS and am having trouble with Firefox automatically disabling the add-ons with the following error;

’ could not be verified for use in Firefox and has been disabled’

The contextual links provided in the error all link to various documentation regarding signing of the add-on, yet all the add-ons I am trying to be deployed are signed.

To deploy the add-on, I am using the method listed at the link below as ‘Scenario 2’;

I have also tried using the location described in the following link in the developer documentation;

Essentially, I unzip the xpi, rename the folder to the extension ID, and install the folder to the correct location so that Firefox will see it.

In both instances, Firefox seems to have no trouble seeing the add-ons, but always disables the add-ons with the error.

I am having this problem with UBlock Origin (1.11.4 - from AMO), Lastpass 4.1.44a (from https://lastpass.com) and an internal company customisation created in CCK2 and signed in AMO.

I am using the same technique in Windows but am not seeing any issues there - the same extensions are working fine.

Any help on this matter would be greatly appreciated!

I wanted to also note that I’ve tried two different methods for unzipping - using the built-in macOS unzip tool as well as Unarchiver app, in case the unzip process was mangling some files in the extensions causing them to be unverifiable. I thought that perhaps something was getting mucked up when I packed the unzipped folder up into an install package (permissions or such), so I changed my deployment method to copy across the original .xpi file and unzip it on the client computer directly to a folder named with the extension ID.

Unfortunately none of these things helped to mitigate the problem. Any clues as to what might be causing the plugins to fail to verify?

I’m at the end of the road here. I’m pretty sure I’ve tried everything to get this working with no luck unfortunately. No matter what I seem to do, I can’t get Firefox to allow any add-ons I sideload, even if they are properly signed.
Changing permissions doesn’t seem to help.
Extracting on the client doesn’t seem to help.
Always the same error - 'could not be verified for use in Firefox and has been disabled’
Pulling my hair out trying to get this to work, and I can’t think of anything else to try. Any ideas anyone?

Mac OS X can generate some hidden files in directories by just opening them in the Finder. Is your installation process fully automated? I can imagine cases when an add-on is manually extracted and the signature fails due to those hidden files.

You might also want to ask in the Enterprise group, where there are people with more experience on these situations.

Hi jorgev,

The process is fully automated - the directory is never opened in the Finder - it’s extracted via command line using the built in unzip tool with the correct name in the correct location.

Just to be sure, I tried re-uploading a new version of my company add-on to AMO, it was automatically signed, downloaded that signed file, unzipped it via command line and never opened it in the Finder and it still doesn’t work - same ‘could not be verified’ error.

Thanks I’ll try the Enterprise Group. Wish it was easier to know where to access support - previous to this I tried at Mozilla Support, and was directed here.

Thanks again