Self-Signed Test Certificates and signing SHIMS for Add-Ins

J

jojobar

BACKGROUND
=======================================================
I used makecert to create a self-signed certificate, and then used cert2spc
to
create a test Software's Publishers Certificate (SPC). I then used SignCode
to Authenticode sign my C# AddIn Shim.

In Word, I unchecked "Trust all installed add-ins and templates" and set
security
to first Medium and then High.

On medium security settings, at Word startup, a message indicating that the
certificate was not to be trusted was displayed. It also allowed me to enable
the macros which allowed my Add-In to install and run. But the checkbox
option "Always trust macros from this source" was also disabled.

On the High security settings, Word displayed the same dialog as above, but
the "Enable Macros" button was disabled, which kept my Add-In from loading at
all.
=============================================

Question(s).

Conditions: "Always trust macros from this source" not checked
Macro Security: Medium

1. Using only a self signed test SPC is the default behavior to require the
user to push "Enable Macros" every time Word loads.

2. Is the default behavior to disable the checkbox"Always trust macros
from this source?"

3. Is there any way to add a self-signed certificate to the "Trusted Sources"
list?

4. Is the above described behavior typical of self-signed certificates?

5. What is the easiest and best way to verify Authenticode signed assemblies
without having to rely on whether the add loads in an office application?
 
P

Peter Huang [MSFT]

Hi Jojobar,

Based on my research, there is no much information about the test
certificate(makecert).
Here are some information for your reference.

Isolating Office Extensions with the COM Shim Wizard
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dno2k3ta/ht
ml/ODC_Office_COM_Shim_Wizards.asp

Office Security
You are strongly encouraged to set your Office security level to High (or
Very High in Office 2003) and to disable the default Trust all installed
Add-ins and templates setting. This combination automatically disables all
add-ins and templates that are not code-signed. Furthermore, if the add-ins
and templates are code signed with a certificate not listed in the Trusted
Sources list, at High security level, the user is prompted to either enable
or disable the add-ins, and at Very High level, the add-ins are silently
disabled.

If you do set your Office macro security to High or Very High, then you
must digitally sign your extension DLLs. This approach helps to increase
the security of your Office platform, and you are strongly encouraged to do
this.

For additional information on Office macro security, see Office XP
Document: Macro Security White Paper and Microsoft Office 2003 Editions
Security Whitepaper. For general information on Office security, see
Security in Microsoft Office 2003 Editions.

Digital Code Signing Step-by-Step Guide
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsmarttag/
html/odc_dcss.asp

How to specify trusted sources for Digital Certificates in Excel 2002,
PowerPoint 2002, and Word 2002
http://support.microsoft.com/?id=308983

Description of the Very High security setting in Office 2003
http://support.microsoft.com/?id=827725

BTW: Commonly we dedicated to one question in one newsgroup thread.

Best regards,

Peter Huang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.
 
J

jojobar

Peter,

Thank you very much for taking your valuable time to reply, but, after
reading all the sources you provided, we are still unsure about the answer to
the first question which was:

1. Using only a self signed test SPC is the default behavior to require the
user to push "Enable Macros" every time Word loads.

What we are trying to understand is whether a self-signed test certificate
behaves any differently than a Softwares Publisher Certificate from a trusted
source with macro security set to either medium or high with "Trust all
addins and templates" unchecked.

With the self-signed certificate and medium security settings, we see the
macro warning every time and are never allowed to include the self-signed
certificates in the trusted souce list as should be allowed with a
certificate issued by Verisign. And with security set to high, the we see the
macro warning dialog, but are only option is to disable macros. Is this
behavior normal for a self-signed certificate?

So maybe a better way to ask the question is whether a self-signed
certificate behaves any differently than a certificate issued from a trusted
souce such as Verisign?

-jojobar
 
P

Peter Huang [MSFT]

Hello Jojobar,

Based on my knowledge, the main difference between a makecert generated
certificate and the versign certificate is that the makecert generated
certificate is not trusted.
Please take a look at the figure in the link below.
Figure 10. General information about the Jay Adams certificate
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsmarttag/
html/odc_dcss.asp

NOTE that there is a red "X" in the certificate, which means the
certificate is not trusted.
So when we develop the code, we can use the certificate. But when we want
to distribute to the end user we need a verisign or other vendor's
certificate.

An not trusted certificate will cause the warning dialog in the Figure 14.
Security Warning dialog box
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsmarttag/
html/odc_dcss.asp

For detailed information about certificate, it would better to discuss in
the security group, where have many security experts.
microsoft.public.platformsdk.security

Thanks for your understanding!

Best regards,

Peter Huang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.
 
J

Jonathan West

Hi jojobar




jojobar said:
BACKGROUND
=======================================================
I used makecert to create a self-signed certificate, and then used
cert2spc
to
create a test Software's Publishers Certificate (SPC). I then used
SignCode
to Authenticode sign my C# AddIn Shim.

In Word, I unchecked "Trust all installed add-ins and templates" and set
security
to first Medium and then High.

On medium security settings, at Word startup, a message indicating that
the
certificate was not to be trusted was displayed. It also allowed me to
enable
the macros which allowed my Add-In to install and run. But the checkbox
option "Always trust macros from this source" was also disabled.


On the High security settings, Word displayed the same dialog as above,
but
the "Enable Macros" button was disabled, which kept my Add-In from loading
at
all.
=============================================

Question(s).

Conditions: "Always trust macros from this source" not checked
Macro Security: Medium

1. Using only a self signed test SPC is the default behavior to require
the
user to push "Enable Macros" every time Word loads.
Yes

2. Is the default behavior to disable the checkbox"Always trust macros
from this source?"
Yes

3. Is there any way to add a self-signed certificate to the "Trusted
Sources"
list?
Click to expand...

Yes.

Microsoft warns that selfcert-created certificates can be forged, so you
accept them or not on your own responsibility. The process however for
accepting them is more complex than for verified certificates.

On the Security Warning dialog, click the Details button. On the dialog that
appears next, click "View Certificate", and on the dialog that then appears
click "Install certificate". On the Certificate Import Wizard that then
appears, just keep clicking Next until you come to the end of the process,
and then click "Finish". Close the remaining dialogs by clicking OK until
you return the the Security Warning.

Now, the "Always trust macros from this source" checkbox should no longer be
greyed out, and you can then check it before clicking Enable Macros.
4. Is the above described behavior typical of self-signed certificates?
Yes.


5. What is the easiest and best way to verify Authenticode signed
assemblies
without having to rely on whether the add loads in an office
application?
Click to expand...

I don't think there is a way other than what I have described above.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Self Signed Digital Certificates. 1
Self Signed Projects 0
signing VBA Macros for Excel 2
VBA Macro signing - Can only see self generated certs 0
macros in Office 2007 (and in office 2003) with self-signed certificates 2
Reuse old selfcerts (self certificates)? 0
digitally signing macros for Word 2003 10
sharing self-signed certificates 2

Top