Office 2003 - VBA Code signing

G

Guest

Hi,

We are currently migrating from Office XP to Office 2003 on a windows server
2003. We have a whole bunch of MS Access Applications and I would like to
sign the code with a Certificate given from our Certificate Server but I
couldnt find any kind of decent walkthrough or information to do this.

I dont want to force our administrators to lower the security, as this would
be a huge security issue for them and I dont see why we should pay for a
Verisign or Thawte certificate as our MS Access applications are for internal
uses only.

So far I made a lot of tests and I got a certificate with a private key from
our Certificate server, I can sign the VBA code, install the certificate with
admin privileges in the "trusted publishers" store of the server but it just
would not let any other user open the signed database without getting a
message box.

any idea?

Thanks for the help!
 
J

Joan Wild

Maxime Gauthier said:
Hi,

We are currently migrating from Office XP to Office 2003 on a windows
server
2003. We have a whole bunch of MS Access Applications and I would like to
sign the code with a Certificate given from our Certificate Server but I
couldnt find any kind of decent walkthrough or information to do this.

I dont want to force our administrators to lower the security, as this
would
be a huge security issue for them and I dont see why we should pay for a
Verisign or Thawte certificate as our MS Access applications are for
internal
uses only.

So far I made a lot of tests and I got a certificate with a private key
from
our Certificate server, I can sign the VBA code, install the certificate
with
admin privileges in the "trusted publishers" store of the server but it
just
would not let any other user open the signed database without getting a
message box.


I believe that they'll only get that message the first time. Once they
accept the certificate, the message won't come up again.
 
G

Guest

In fact no, in Office 2003 the "Always trust the files from this publisher"
is grayed out. Only someone with administrative privileges can import a
certificate into the "Trusted publishers" store of the computer.

Nevertheless, I finaly found a way to do it using the "Code Signing"
certificate template from our organisation Certificate Service. The only down
side is that this kind of certificate can not be used to sign code with other
users, it can only work with the user who did the request because the private
key cant be exported.

Oh well at least it works ;)

thanks for answering!
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top