locked
Digital Cert for ACCDE RRS feed

  • Question

  • I posted a question on Monday about signing an accde file. It got moved to an Office IT forum (it shouldn't have, as one of the responders suggested after the moderator moved it). I'm reposting in greater detail here (and hoping the moderator doesn't move it again).

    I'm trying to figure out why signing an Access 2010 accde file appears to work differently from signing an accdb file.

    Here's the scenario (Win7):  When I package and sign the accdb file with our digital certificate and open it, the expected behavior occurs; i.e., when the accdb file is first opened, the Security Warning appears and I click Enable Content and then subsequent times when the accdb file is loaded, there is no warning.

    When I package and sign the accde file, when the file is opened a Security Warning appears that says something to the effect of "It is not possible to determine that this file came from a trustworthy source" along with additional scary messages about the file containing harmful content, etc.

    This message appears every time the file is opened.

    I can resolve it by making the folder a trusted location, but this is a trial version (the reason is has to be an accde) and one can imagine the difficulty in trying to write a readme about trusted locations when the user has just read a message about harmful content that could destroy his computer!

    I hope I am missing something about signing accde files. Thanks for any help.

    Paco

    P.S. The same message is displayed in Win8 and Win8.1, but with prettier colors.

    Wednesday, February 19, 2014 8:54 PM

Answers

All replies

  • I found this MS article http://office.microsoft.com/en-us/access-help/show-trust-by-adding-a-digital-signature-HA010342008.aspx  

    One thing the article said was:

    After the database is extracted from the package, there is no longer a connection between the signed package and the extracted database.

    Maybe an accdb remembers the "trust me" click that you did the first time around and the accde doesn't because it's compiled.


    Bill Mosca
    www.thatlldoit.com
    http://tech.groups.yahoo.com/group/MS_Access_Professionals

    Wednesday, February 19, 2014 9:26 PM
  • Create a installer for your app, and add trusted location via registry:

    http://blog.ideaz.net/2013/12/how-to-remove-microsoft-access-security.html


    Michał

    • Marked as answer by PacoTex Thursday, February 20, 2014 3:14 PM
    Wednesday, February 19, 2014 9:27 PM
  • Michal -- Thanks. Great blog. I use the Package Solution, but have not had the guts to play with the registry. Your referenced blog explains it perfectly.

    One thing I do a little differently is eliminate the Access runtime requirement and direct my clients to download the runtime directly from MS if they don't have Access. The Package Solution doesn't offer that as an option, so I use Orca to edit the MSI database. The Access requirement is a row in CurrentLocation. Just drop the row and the MSI doesn't check for Access or the runtime as a prerequisite.

    Thursday, February 20, 2014 3:14 PM