The following post is very technical and intended for developers.
While building the Streak Safari extension, I was finding it difficult to integrate the building of the extension into our build process. Building Streak and its associated extensions is all done using various shell scripts but Apple’s instructions for building Safari extensions requires you to startup Safari and build the extension in the GUI.
I was unable to find a complete step-by-step instruction on how to programmatically build Safari extensions, so I’m writing this post so others can see. This guide is for people running OS X.
1. Install latest version of Safari
2. Download a patched version of the eXtensible ARchiver (xar) utility
path/to/xar -f filename.safariextz —extract-certs certs
openssl pkcs12 -in Certificates.p12 -nodes | openssl x509 -outform der -out cert.der
openssl pkcs12 -in Certificates.p12 -nodes | openssl rsa -out key.pem
12. Copy the cert.der and key.pem files into the location where your build script will be running
13. Your directory should now have the following files:
openssl dgst -sign key.pem -binary < key.pem | wc -c > size.txt
15. Now for the build script itself, each project will be different, but the first part of your build script should get all the files necessary for the Safari extension into a folder with a .safariextension. So ours is Streak.safariextension. Don’t include your certificate files in the safariextension folder, they should exist outside of the folder.
16. Copy and modify this gist to get the part of the script that will generate and sign the compressed Safari extension file.
17. Profit! You should now be able to build your Safari extension from the command line.
The great thing too is that you can checkin your cert files into your source control and other developers will be able to compile the extension as well — without generating their own certs. Just make sure they have the xar utility installed.
Special thanks goes to mackyle for patching the xar utility to make this all possible!