Re: macros in Office 2007 (and in office 2003) with self-signed certificates

Tech-Archive recommends: Fix windows errors by optimizing your registry

---

• From: "sm1" <sm1@xxxxxxx>
• Date: Wed, 9 Apr 2008 21:14:12 -0700

---

Thanks. It is a great info.
How about if a department wants to use a cetificate issued by Verisign or other vendor? As an administrator how could I distribute that certificate to the users to use the macros with the least user interaction?
Any possible options would interest me.

Also, is there is way to avoid the import action of the digital certificate while we are doing a rollout without using a trusted location? Is there a good scenario for desktop rollout regarding macros that are signed in Office 2003 and will move to a new OS and Office 2007?


"Beth Melton" <bmelton@xxxxxxxx> wrote in message news:%23CRFA%23kmIHA.5692@xxxxxxxxxxxxxxxxxxxxxxx

Macros in Office 2003 should run fine in Office 2007. I say "should" because it really depends on the extent of the macros and if they are coded properly. So far I haven't encountered any difficulty with those I've created but there's always the possibility. :-)

Regarding your question on using a "self-signed" digital signature. If you are using SelfCert to create a digital signature it's intended to be used for your macros on your computer. It wasn't designed to be used like a digital certificate issued by a certifying authority. With that in mind, if you sign a Word document using a SelfCert digital signature (in any version of Word) and if the digital signature isn't installed on the computer then in Word 2007 macros will be disabled and you will not be able to enable them.

Now, if you install the digital signature this will not occur, however the digital signature will be considered a Trusted Root Certificate, not merely a Trusted Publisher for Office documents containing macros. So if security is a concern, and it sounds like it is, I wouldn't recommend taking this route. However, if you choose to take it anyway, you backup/import the digital signature using the same method as previous versions.

As an alternative, place the templates (without a SelfCert digital signature) in either the User Templates folder or Workgroup Templates folder (if the template location is on a network). The User Templates location is automatically trusted and you can add the Workgroup Templates location as a trusted location in the Trust Center. This was you can keep your Macro Security set to High but your macros will be allowed to run.

~~~~~~~~~~~~~~~
Beth Melton
Microsoft Office MVP
https://mvp.support.microsoft.com/profile/Melton
What is a Microsoft MVP? http://mvp.support.microsoft.com/gp/mvpfaqs

Guides for the Office 2007 Interface:
http://office.microsoft.com/en-us/training/HA102295841033.aspx

"sm1" <sm1@xxxxxxx> wrote in message news:enONilgmIHA.1912@xxxxxxxxxxxxxxxxxxxxxxx

We are planning to deploy office 2007. I am concerned about the macros that are in office 2003. How the macros will behave in office 2007? Will I have some problems with macros created in office 2003 while using office 2007? Only enterprise version is used.

Also, would self-signed macros created in Office 2007 work in Office 2003 products? i.e.: certain departments would convert to office 2007 at a later time then others.
Would some one be able to point me to the self-signed certificate issues between Office 2007 and Office 2003 if there is?

In addition, if I reimaged my system, would I loose self-signed macros in Office 2007? How could I ensure that my certificates are backed up and and after a reimaging I would not need to import some one else's certificate again to let the macros run automatically without changing macro security in Office 2007 for the trusted published like myself or my peers?

Overall, how much concern should be taken during the deployment of Office 2007 for the macros?

Any help would great.

.

---

• References:
  • macros in Office 2007 (and in office 2003) with self-signed certificates
    • From: sm1
  • Re: macros in Office 2007 (and in office 2003) with self-signed certificates
    • From: Beth Melton

• Prev by Date: Re: how do I make office 2007 look like older versions of office?
• Next by Date: Re: InCorrect Product Key Message
• Previous by thread: Re: macros in Office 2007 (and in office 2003) with self-signed certificates
• Next by thread: Cannnot open DOCX files
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: Macro Virus? ... I even bought a certificate from Verisign. ... "The macros in this file do not match the digital signature. ... virus would cause this. ... (microsoft.public.excel.programming) Re: Renew Certificate ... apply a time stamp to the digital signature. ... This allows code to be trusted even if the code signing certificate is revoked, becomes time invalid, etc. ... I've hundreds of macros signed with a certificate from my own Microsoft CA. ... (microsoft.public.security) Re: Macros are disabled (How to) ... I know how to disable and enable macros but I want to provoke ... Then I think you could add your own digital signature (private certificate) ... The file that opens program creating private ... (microsoft.public.excel.programming) Re: macros in Office 2007 (and in office 2003) with self-signed certificates ... Regarding your question on using a "self-signed" digital signature. ... for your macros on your computer. ... digital certificate issued by a certifying authority. ... The User Templates location is ... (microsoft.public.office.setup) RE: Digitally signing an Access database .mde or .mdb ... Check the Microsoft Access help topic "Digital Signature" for details. ... If you are prompted with the dialog box "Security Warning: ... In the Digital Signature Details dialog box, click View Certificate. ... (microsoft.public.access.security)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Office  > microsoft.public.office.setup  > 2008-04