What is MX-Tools?

MX-Tools is a set of command line tools that can be used during development of extensions for applications built on Mozilla platform. It simplifies such extension creation steps as signing installation packages or generating and signing update manifests.


MX-Tools consists of three command line tools:

  • Uhura - Mozilla Extensions Update Manifest Generator. It allows to generate and (optionally) sign an update manifest (update.rdf file) based on a list of installation packages and corresponding update URLs. It is also possible to generate a single update manifest for multiple versions of the same extension or even for a few different (related or unrelated) extensions.
  • Ensign - Mozilla Extension Installation Package Signer. It allows to create an installation package (.xpi file) signed with a given code signing certificate. No need to read manuals about creating a certificate store and importing your certificate(s).
  • Marine - Mozilla Application Update Package Creator. It allows to create full or incremental application update packages (.mar files) with a single command. It takes care of all the internals of how update packages are constructed and relieves the developer from the need to learn all those unnecessary (to him) details.

Why MX-Tools?

Although most of the tasks performed by MX-Tools can also be performed by a number of other tools (including well known ones available from Mozilla), there are reasons why one might consider those other tools inconvenient or sometimes even unsuitable for the purpose. In such cases MX-Tools can be a better candidate for the job, because:

  • Unlike McCoy, MX-Tools is purely command line, which makes it a perfect choice for automated builds. Also for interactive use it can be more convenient if the same operation needs to be performed repeatedly.
  • Unlike spock, MX-Tools supports multiple extensions per update manifest. Moreover, MX-Tools is completely written in a scripting language (Perl), which simplifies the installation procedure in many cases by eliminating the need for compiling any native binaries. Although MX-Tools does require a few extra Perl modules, installing those is a very simple operation that can be performed automatically by the CPAN package manager.
  • Unlike McCoy and spock, MX-Tools can create an update manifest file based on one or more installation packages and corresponding update URLs, eliminating the need to create and maintain an unsigned update manifest manually.
  • Unlike update manifests signed by McCoy or spock, update manifests generated and signed by MX-Tools are nicely formatted and easy to read.
  • Unlike NSS signtool, MX-Tools does not require a separate "clean" directory for signing, nor does it require creating an unsigned package first. It allows to specify a list of files to be signed and packaged.
  • Unlike spock and signtool, MX-Tools does not require a whole new infrastructure (NSS) to be able to just use a single tool to perform a single operation. It lets the developer to focus on the development tasks rather than maintaining an extra piece of software he doesn't really need.
  • Unlike all of the mentioned tools, MX-Tools does not use any key or certificate store, relieving the developer from the need to prepare such a store by putting there the required keys and certificates before being able to perform the desired operation.
  • Unlike XPISigner, MX-Tools does not mess up file permissions bits (the executable bit in particular, which can be important on UNIX-like systems).
  • Unlike Mozilla update packaging scripts, MX-Tools is truly cross-platform. It does not require UNIX shell emulation on Windows and other systems that do not support it natively.


The list below contains dependencies of all the tools included in MX-Tools together. It doesn't mean that all of them are required to run a particular tool or even to use a particular function of the tool. The only strict requirement is a Perl interpreter (the first item in the list). More details about the dependencies of each tool can be found on the description page of that tool.

  • Perl interpreter. MX-Tools requires Perl 5.8 or newer. On Windows ActivePerl is strongly recommended, because it comes with a number of modules not included in the standard Perl distribution. With ActivePerl installing extra modules required by MX-Tools does not involve compiling native binaries.
  • Perl modules not included in the standard Perl distribution: XML::Parser, RDF::Core, Digest::SHA1 or Digest::SHA, Convert::ASN1. Installing XML::Parser and Digest::SHA1 requires building native binaries. Fortunately, both modules are included in ActivePerl. Digest::SHA (which can be used instead of Digest::SHA1) is included in the standard Perl distribution since Perl 5.10.0.
  • OpenSSL. MX-Tools requires OpenSSL 0.9.8 or newer. No special libraries (like Perl bindings) are necessary. Plain OpenSSL installation is sufficient.
  • zip/unzip. The well-known compression tools available in source and binary form for various platforms, often installed by default.
  • bzip2. Another well-known and widely used compression tool. Available in source and binary form for various platforms, often installed by default.
  • Mozilla mar and mbsdiff. Source code for both tools is available in the Mozilla codebase. Binary mar is also included in Gecko SDK.


MX-Tools is released under the GNU General Public License v3.0.


The latest release of MX-Tools is available on the download page.


To send your comments, questions, suggestions, bug reports, feature requests see support page. If you are sending a bug report be sure to provide access to any relevant data that would allow to reproduce the bug.