Publisher Cert. Store vs. Runtime Security

J

JGlowski

I'm trying to find a definative answer concerning security requirements of
COM ADD-INs created using VSTO and VB.NET 2005 for Excel 2003 and 2007. I
have people in my organization that feel having signed all the dlls with my
Publisher's Cert. and having that certificate in the "Trusted Publishers
Store" should be enough to run the COM Add-IN in Excel (2003 and 2007). They
feel we should not have to give explicit permission to the Publisher in the
NET Framework Runtime Security if the Publisher is already in the Trusted
Publisher Store.

I can only get it working on a client PC by setting the Runtime Security.

Our CA is in Trusted Root Certificate Authorities and my Publisher's
Certificate is in the Trusted Publisher's Store. It's even visible from
Excel's

Trusted Publishers list. However, the COM add-in only runs if I add myself
to the NET Framework Runtime Security.

I need something that clearly states that the Trusted Publisher Store can or
cannot be used and whether or not using the Runtime Security is the only way
to allow a VSTO/ VB.NET 2005 COM ADD_IN to run.

Thanks
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Trusted Publisher Store vs. NET Runtime Security 5
Com Add-Ins using Trusted Publisher for Security 2
Server Root as Trusted Location 1
VSTO add-in and Outlook 2003 3
VSTO Excel add-in only working in development machine 1
Windows 7 and digital signature 0
VSTO Deployment 3
Runtime Error: "1004" Programmatic Access to Visual Basic Project 1

Top