Informal poll: Does anyone out there sign their code?
I'll admit, I do it, but only when I'm working on a serious application or add-in, and need to open and close the workbook a lot. The macro warning gets annoying after 10 or 20 times, so I sign the code to stop it and get straight to work.
Verisign offers digital signatures for a fee. All you have to do is set up an account and they sell you one. Seems counterintuitive to me; if you can just pick one up, so can anyone else. That makes a digital signature from Verisign no different than a self-signed project, except you're not short 500 dollars. Or maybe I just don't get it.
I think there should be some kind of informal group of VBA developers, and we could all pitch in and buy a digital cert from Verisign. That would probably require a corporation, which would make it a formal group. That definitely takes the fun out of the idea.
If you do sign your code, do you use a self-created certificate (a la SELFCERT.EXE) or do you use one from Verisign or another authority? If the latter, who paid for it? Do you find any benefits from it over self-signed code?
About JP
15 Comments:
I've never signed my projects. I looked into this, but I wasn't ready to pony up the $500. No client has ever asked me to sign a project, either.
Is that because you're mostly writing add-ins which don't need to be signed?
If the customer doesn't require it, then it doesn't "need to be signed".
What does need to be signed?
I was referring to the fact that add-ins, by their nature, don't bring up the macro warning. But if you produce sample workbooks (like the ones I put up on this site), users will get the macro warning (unless they've decided to trust my self-signed code)
I would have loved this feature if it prevented users from altering a signed file…or allow alter but stop working once altered. Whats the use of a warning! its neither here nor there
Now I see what you mean.
You can sign workbooks to avoid the macro warning, or you could put the workbooks into a trusted location.
Or you can just click Enable every time, like I do. This never seemed like such a big deal.
I tried self signing for a short while. Then I renamed a folder or something and it got all screwed up. I gave it up after that.
I thought about it and figured if "they" want my code to run, they'll just have to trust me. Or it could be a very long wait
Thanks for sharing, guys.
No way would my company pony up $500 for a third-party cert, but I did try selfcert.exe a while back, if only to get round the 'moved/rebuilt PC needing macro settings changed from high to medium' problem.
The trouble I found is that the certificate itself generates user dialogs and, after hammering into folk about enabling macros for years, it only seemed to confuse the poor dears when presented with another dialog.
I gave up.
I forgot about that, the certificate does create its own dialog asking if you want to 'trust' it.
what is signing?
I have been using "enable macros" button, though it seems annoying after a few times.
JP, may be you can educate us on how to self-sign projects (and add-ins) and what the best practices are in a follow up post…
Chandoo, there's a link in the post above to a MS article demonstrating how to self sign VBA code.
I'm a little late to the game, but I thought I would add in some problems I encountered with self signed macro projects:
After sharing the macro with my small workgroup, another user's antivirus program gave a warning dialog.
When the user went to save the workbook, he got a "you have modified a signed project. You do not have the correct key to sign this project. The signature will be discarded." If you modify a macro after signing it, the signature will be discarded, which sounds like what is happening here. However, the user had not tried to change the vba project, so who knows what is going on in excel's little head.
In the end – having the user click "enable macros" every time they open the file seems like the easiest route.
Thanks for sharing, Lydia!