How to Sign a VBA Macro with Timestamp in MS Office
Before moving any further, verify that your certificate is installed in the Windows CSP. For that, right-click on your PFX file and select Install or import through Internet Explorer by clicking on:
- Internet Options menu -> Content -> Certificates -> Import.
- Now, open the VBA project that you want to sign. Go to the Tools menu and select Digital Signature.
- From that Digital Signature window, click “Choose” and select your PFX file.
- Click OK and Save.
- By now, your MS Office document is digitally signed.
- By default, the certificate is not time stamped in some of the platforms like Windows Vista and Windows 7. If you’re signing through those platforms below are the steps to timestamp:
- For timestamping your VBA macros by default, you must create a file named timestamp.bat and copy/paste these lines:
reg add "HKCUSoftwareMicrosoftVBASecurity" /v "TimeStampURL" /f /d
reg add "HKCUSoftwareMicrosoftVBASecurity" /v "TimeStampRetryCount" /f /t REG_DWORD /d 2
reg add "HKCUSoftwareMicrosoftVBASecurity" /v "TimeStampRetryDelay" /f /t REG_DWORD /d 1
- Save the file and double-click to run it, then confirm Yes when prompted.
- A timestamp is an extra step, but critical nonetheless. It keeps your signature valid, even after the expiration of the certificate.
- For verifying a timestamp on a signed macro, run the macro after setting the computer’s clock past the expiration date of the certificate. If it’s signed correctly, it will still run as signed.