Home |
Search |
Today's Posts |
#1
Posted to microsoft.public.excel.programming
|
|||
|
|||
selfcert.exe
We use Excel VBA macros in many of our shared workbooks (numbering in the
thousands). When users have macro security set to High, our macros do not run because they are not signed. This is a serious problem, especially with the users. While we have a utility to self certify our macros (SELFCERT.EXE), it does not help unless all users have us in a list of trusted sources. We need a way to create and maintain this list of trusted sources. Any thoughts? Can we do this without a rootCA or purchasing certificates from say...verisign? Thanks! |
#2
Posted to microsoft.public.excel.programming
|
|||
|
|||
selfcert.exe
Fred,
I don't know the answer for certain, but just think how easy it would be for a virus to update your list of trusted sources without your knowledge and wreak all sorts of havoc on your spreadsheets, etc. I would think, therefore, that the answer is No. Henry "Fred" wrote in message ... We use Excel VBA macros in many of our shared workbooks (numbering in the thousands). When users have macro security set to High, our macros do not run because they are not signed. This is a serious problem, especially with the users. While we have a utility to self certify our macros (SELFCERT.EXE), it does not help unless all users have us in a list of trusted sources. We need a way to create and maintain this list of trusted sources. Any thoughts? Can we do this without a rootCA or purchasing certificates from say...verisign? Thanks! |
#3
Posted to microsoft.public.excel.programming
|
|||
|
|||
selfcert.exe
Fred
You should speak to your systems administrators as they could set this up in group policy - But I bet they wont! The whole point of security certificates is to authenticate the source of the code. A malicious user could easily run selfsert as you and forge a cert in your name. then issue bad code in your name - this would be a bad thing! You should get a proper cert from verisign or Thawte or whoever (200-400 dollars - cheaper than a virus). One person/machine should have this installed then this becomes the security signing step in your release cycle. Self certs should only be used for testing, never for release. cheers Simon "Fred" wrote: We use Excel VBA macros in many of our shared workbooks (numbering in the thousands). When users have macro security set to High, our macros do not run because they are not signed. This is a serious problem, especially with the users. While we have a utility to self certify our macros (SELFCERT.EXE), it does not help unless all users have us in a list of trusted sources. We need a way to create and maintain this list of trusted sources. Any thoughts? Can we do this without a rootCA or purchasing certificates from say...verisign? Thanks! |
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
SelfCert | Excel Discussion (Misc queries) | |||
SelfCert and other Cert authorities | Excel Programming | |||
SELFCERT, a step further | Excel Programming | |||
SelfCert | Excel Programming | |||
SelfCert.exe error | Excel Programming |