Digital Certificates

G

Graham Dingley

I write simple Word Macros for customers to attach to
templates these are called when the template is opened and
a new document is created using mail-merge etc. All of
this works fine if I set the security to LOW. I have
tried to follow through MicroSoft how to obtain a digital
signature but get totally confused. Where can I get a
Digital signature and allow my customers to run the
security at high. I am based in the UK.

Thanks in advance for any help.

Graham
 
L

Lars-Eric Gisslén

Graham,

We have been using Verisign's Office code signing certificate for a couple
of yers now. We also use the normal code signing certificate from Verisign
for signing executables. It cost $400 US each per year. It's a bit of a
procedure when you buy it for the first time as it's a Class 3 certificate.
That means they have to ensure they issue the certificate to the company you
claim you work for. So they will make a phone call to a public phone number
that is registred on your company and one of your bosses has to verify the
order. You can order the certificate from Verisign's site
http://www.verisign.com/products/signing/code/

Then when you sign the macro projects you will need to timestamp the
signing, otherwise your signing will not be accepted after the certificate
has expired. Verisign has a timestamping service that Office will
automatically connect to that service if you put the URL, to the service, in
the registry. It's an industry standard that soft class 3 code signing
certificates are valid no more than one year. If you buy the certificate
from another issuer (Certificate Authority) you must make shure their root
certificate is one of those installed by a normal Windows installation.
Verisign's root certificates are for sure sure on every Windows machine.

Regards,
Lars-Eric
 
L

Lars-Eric Gisslén

William,

A code signing certificate is issued to a company, not an individual, so you
can use the certificate on several computers within your organisation. Until
recently that has been a problem for single consultants to buy a certificate
but that has changed now. But if your company name is the same as your
personal name you may still have problems.

As long as you timestamp your signing there will not be any problems for the
users even after the certificate has expired. The Authenticode software can
still verify that the signing was made while the certificate was valid. If
you don't timestamp the signing the Authenticode software can't verify if
the signing was made after the certificate has expired or not and will
therefore treat the signing as invalid after the certificate has expired.
Therefor it's important to timestamp your signing. I don't think your
clients will be happy if your solutions stops working suddenly because your
certificate has expired, and they use high security in Office.

Regards,
Lars-Eric
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

How to insert Certificated digital signature in Word for Mac 0
Word Template and Normal Style 1
Publisher is filling blank lines with data 2
digital signatures 0
digital signature gets corrupt 1
Distribution of Word templates with macros 2
Digital Certificates for Macros 0
Digitally signing macros 0

Top