Show All

Add a digital signature to macro project

You digitally sign a file or a macro project by using a digital certificate.

1. If you don't already have a digital certificate, you must obtain one.

   How?

   You can obtain a digital certificate from a commercial certification authority, such as VeriSign, Inc., or from your internal security administrator or Information Technology (IT) professional. Or, you can create a digital signature yourself using the Selfcert.exe tool.

   To learn more about certification authorities that offer services for Microsoft products, see the list of Microsoft Root Certificate Program Members.

   Notes

   • The hyperlink in this topic goes to the Web. You can switch back to Help at any time.

   • Because a digital certificate you create yourself isn't issued by a formal certification authority, macro projects signed by using such a certificate are referred to as self-signed projects. Depending on how Microsoft Office digital-signature features are being used in your organization, you might be prevented from using such a certificate, and other users might not be able to run self-signed macros for security reasons.

2. Open the file that contains the macro project you want to sign.
3. On the Tools menu, point to Macro, and then click Visual Basic Editor.
4. In the Project Explorer, select the project you want to sign.
5. On the Tools menu, click Digital Signature.
6. If you haven't previously selected a digital certificate or want to use another one, click Choose, select the certificate, and then click OK twice.
7. To use the current certificate, click OK.

   Tips

   • Sign macros only after your solution has been tested and is ready for distribution, because whenever code in a signed macro project is modified in any way, its digital signature is removed. However, if you have the proper digital certificate on your computer, the macro project will automatically be resigned when saved.

   • If you want to prevent users of your solution from accidentally modifying your macro project and invalidating your signature, lock the macro project before signing it. Your digital signature says only that you guarantee that the project has not been tampered with since you signed it. It does not prove that you wrote the project. Locking your macro project doesn't prevent another user from replacing the digital signature with another signature. Corporate administrators might re-sign templates and add-ins so that they can control exactly what users may run on their computers.

   • If you create an add-in that adds code to a macro project, your code should determine if the project is digitally signed and notify the user of the consequences of modifying a signed project before continuing.

   • When digitally signing macros, consider obtaining a timestamp so that others can verify your signature even after the certificate used for the signature has expired. See Microsoft Office Online for more information on macro security and timestamps.