Why is my packaged chrome extension not updating?

Question

UPDATE: Solved one part, but not other

1. I have the CRX updating now (it was not rebuilding).

2. However, Chrome will not accept the XML or CRX at an https URL.

I believe #2 is because it's a self-signed certificate. Does anyone know if there's a way around this? (This is purely for development, so hosted internally)

ORIGINAL POST:

I created a packaged extension that is hosted on my internal website, but is added to Chrome via dragging it from the desktop (because Chrome won't allow installing packaged extensions via external websites - see here: After adding ExtensionInstallSources preference with my URL to Chrome Preferences, still won't allow installing ".crx" packaged app ).

The manifest has the update_url set to an XML file located on my site. That XML file has the url for the crx file set under updatecheck codebase='...'. Both files exist on the website and are findable. I also upated the version number from 2.0.0.2 to 2.0.0.2 in both the XML file and the manifest.json. I also made a change in the index.html file of the extension.

I checked the appid and it is the same in the XML file and in Chrome.

Despite clicking the "update extensions now" button about 50 times, and waiting 10 minutes, it does not update.

NOTE: I did alias the internal ip 192.168.1.108 where the site is hosted in my hosts file as myinternal.fake but this works in both chrome and firefox so I don't think that's the issue

Update XML File (located at: https://myinternal.fake/updates/helloworld.xml)

<?xml version='1.0' encoding='UTF-8'?>
<gupdate xmlns='http://www.google.com/update2/response' protocol='2.0'>
    <app appid='akchdaojnpiglpjeiamjpacbkppcgbgj'>
        <updatecheck codebase='https://myinternal.fake/helloworld.crx' version='2.0.0.2' prodversionmin='23' />
    </app>
</gupdate>

manifest.json

{
    "manifest_version": 2,
    "name": "Hello World",
    "version": "2.0.0.2",
    "minimum_chrome_version": "23",
    "update_url": "https://myinternal.fake/updates/helloworld.xml",
    "icons": 
    {
        "16": "icon_16.png",
        "128": "icon_128.png"
    },
    "app": 
    {
        "background": 
        {
            "scripts": 
            [
                "main.js"
            ]
        }
    }
}

EDIT: I also checked and the header is an acceptable one for Chrome (according to this: http://developer.chrome.com/dev/extensions/hosting.html). It sends the CRX file as "text/plain" and does NOT send the header X-Content-Type-Options: nosniff so it should be valid.

Also, when I changed from https to http, now when I click "update extensions now" the extension disappears for a split second which indicates it's now reading the XML, but still not accepting the update!

Answer 1

The issue is with self-signed certificates and Chrome. Chrome does not accept Extension updates form self-signed certificates unless they're an "accepted" authority. These steps will make it work:

1. Follow these steps: https://stackoverflow.com/a/15076602/857025 to export your certificate and then import it as an authority

2. Close Chrome

3. Restart Chrome

4. Close extensions window if opened

5. Reopen via "chrome://extensions" and then click "update extensions now"

It should then update your extension located on a self-signed https connection.

UPDATE This is not a perfect solution as Chrome appears to be a bit wonky in accepting self-signed certs. It randomly stops seeing updates. If I switch back to using regular http (for the update_url and the CRX's url), updates happen every time.

I checked and my cert is still a trusted authority but Chrome suddenly stopped recognizing updates, so there must be an issue with this.