I've been trying to sign my extension with ucf.jar to make it possible to install the .zxp. I created a self-signed certificate using Keychain Access > Certificate Assistant in MacOSX and exported it to a .p12-file. When i try to build and sign the .zxp with:
java -jar ucf.jar -package -storetype PKCS12 -keystore certificate.p12 -storepass password myExtension.zxp -C "./myExtension/" .
i get the following stacktrace:
Packaging failed: Unknown or invalid signature algorithm.
java.security.GeneralSecurityException: Unknown or invalid signature algorithm.
Couldnt find anything about this in the sign-toolkit-pdf.
i have exactly this problem and it's driving me crazy!
i have an exisitng p12 file that works (for a differnt entity),
this is signed using SHA-1 with RSA encryption. the keychain assitiant signs using SHA256 by default.
So i though aha that's the problem, i then used the certool command line tool to crate a new cert signed using SHA-1 and exported that.
Still no dice, yet the cert pairs seem indentical in every way except the actuall name and organisation being different.
Iv'e tried the same on java under windows too. same result.
Sorry to hear you've been having problems with this - the next release of the signing toolkit should hopefully make things easier.
For now, please try these two things:
Please let me know how you get on.