What is the Chrome extension .pem file for?

Question

When I created my first Google Chrome extension, I followed the labyrinth of instructions to a T and was left with a successfully launched extension. I was also left the new owner of an enigmatic .pem file that I was warned to place in a secure spot and never lose. I conscientiously placed the file in a safe place and possibly made several backups while I was at it. It has been several months now, and while I have launched some more extensions and made quite a few updates, I have, not once, looked back at the .pem file. What is this file that I have been guarding with my life -- and would it really be so terrible if I decided to clear out some clutter and delete it?

I have tried to investigate further into what this file is, but for something that is supposedly so crucial, there is very little information out there. The documentation states only:

Do not lose the private key! Keep the .pem file in a secret and secure place; it will be needed to update the extension.

This statement is most definitely untrue, as I have made quite a few updates with nary a glance at the .pem. I also found this question on SO, but the only information provided is that it is needed to:

Update the extension

Again, untrue, and:

Upload a previously packaged extension to the Chrome Web Store (make sure that the file is called key.pem

I am honestly not sure what case that refers to.

I have also managed to glean that the file has something to do with certificates and signing, a topic that I know very little about.

Can someone provide me with a comprehensive explanation of what exactly the .pem is and why, according to everything I've come across, I must keep track of it so carefully?

Answer 1

As far as I know, the .pem (and actually .crx files in general) are no longer used when publishing extensions to the chrome web store. They only come into play for local/sideloading development

The .pem file is used in combination with a .crx file when you are NOT using the chrome store, and instead sideloading your extension.

So, let's say you make an app, package it, and put the file on a fileshare. In the manifest.json, you might have a update_url set to deliver updates If you want to update the app in this case, it must be signed with the same .pem file when generating the .crx

https://developer.chrome.com/apps/autoupdate#update_url