none
Strong Sign Excel Addin RRS feed

  • Question

  • I have a created and excel addin that my users can install themselves if they have access to the network share. However, I would like to make my adding available to download and install from the web. Because I don't have a strong certificate the user gets an error and it does not allow the user to download and install my addin. I have sort of found a workaround for this, however i want to make it easier on my users. So here are my questions.

    1- If I strongly sign my addin would I then be able to publish it on the web and my users will be able to download and install without a warning? 

    2- Where can i buy a certificate to strongly sign my addin?

    Thanks in advance for any response you guys can offer.

    Miguel


    miguel

    Friday, October 16, 2015 6:49 PM

Answers

  • Hi Miguel,

    >>- If I strongly sign my addin would I then be able to publish it on the web and my users will be able to download and install without a warning? <<

    Only if the manifest signed with the certificate which is in the Trusted Publisher list, then the solution is installed immediately. Otherwise, if it did not fail one of the checks, the solution continues to the final set of checks. You can get more detail about Sequence of Security Checks During Installation from link below:
    https://msdn.microsoft.com/en-us/library/bb157863.aspx

    >>2- Where can i buy a certificate to strongly sign my addin?<<

    You can obtain a certificate for code signing in one of three ways:

    • Purchase one from a certificate vendor.

    • Receive one from a group in your organization responsible for creating digital certificates.

    • Generate your own certificate with MakeCert.exe, which is included with the Windows Software Development Kit (SDK).

    More detail please refer to link below:
    ClickOnce and Authenticode

    Regards & Fei


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Tuesday, October 20, 2015 7:49 AM
    Moderator
  • Hi Miguel,

    As far as I know, the requirement of certificate used to sing the Office solution is "Code Signing" certificate. There is no other limitation for the Stand or EV kind of certificate.

    You can get more detail about this topic from link below:
    ClickOnce and Authenticode

    Regards & Fei


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Thursday, October 22, 2015 6:09 AM
    Moderator

All replies

  • Hi Miguel,

    Based on your description, your case more related to Visual Studio Development   Microsoft Office for Developers   Visual Studio Tools for Office (VSTO) , I will move your case to that forum for better support. Thanks for your understanding.

    Best regards,

    Kristin


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, October 19, 2015 5:26 AM
  • Thank you Kristin I appreciated.

    Miguel


    miguel

    Monday, October 19, 2015 12:12 PM
  • Hi Miguel,

    >>- If I strongly sign my addin would I then be able to publish it on the web and my users will be able to download and install without a warning? <<

    Only if the manifest signed with the certificate which is in the Trusted Publisher list, then the solution is installed immediately. Otherwise, if it did not fail one of the checks, the solution continues to the final set of checks. You can get more detail about Sequence of Security Checks During Installation from link below:
    https://msdn.microsoft.com/en-us/library/bb157863.aspx

    >>2- Where can i buy a certificate to strongly sign my addin?<<

    You can obtain a certificate for code signing in one of three ways:

    • Purchase one from a certificate vendor.

    • Receive one from a group in your organization responsible for creating digital certificates.

    • Generate your own certificate with MakeCert.exe, which is included with the Windows Software Development Kit (SDK).

    More detail please refer to link below:
    ClickOnce and Authenticode

    Regards & Fei


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Tuesday, October 20, 2015 7:49 AM
    Moderator
  • Thank you Fei. One thing I'm still not very clear about is which one would be the type of certificate that I need to buy. I looked at this page but I do not truly understand what is the actual certificate type that I need. https://msdn.microsoft.com/en-us/library/windows/hardware/hh801887(v=msdn.85).aspx to sign a click once application.

    Thanks.


    miguel

    Tuesday, October 20, 2015 8:21 PM
  • Hi Miguel,

    As far as I know, the requirement of certificate used to sing the Office solution is "Code Signing" certificate. There is no other limitation for the Stand or EV kind of certificate.

    You can get more detail about this topic from link below:
    ClickOnce and Authenticode

    Regards & Fei


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Thursday, October 22, 2015 6:09 AM
    Moderator