Can't digitally sign VBA projects in Office 2007 by using an SHA256 code-signing certificate

Symptoms
When you try to digitally sign a macro-enabled VBA project in a 2007 Microsoft Office Suite document, the SHA256 code-signing certificate may not be listed as an option.

Additionally, macro-enabled Office documents that are digitally signed by SHA256 may not be recognized when you try to open them in Office 2007.  
Cause
This issue occurs because Office 2007 does not support SHA256 certificates.
Workaround
To work around this issue, do the following, depending on your situation:
  • If you're trying to digitally sign a macro-enabled VBA project, use Office 2010 or a later version of Office to sign the document by using SHA256.
  • If you have macro-enabled documents that are digitally signed by SHA256 but are not recognized by Office 2007, use an alternative trusting mechanism, such as Trusted Locations.

    To do this, navigate to Trust Center >Trust center settings >Trusted Locations >Add New Location. If the macro-enabled file is kept on a network drive, make sure that you select the Allow Trusted Locations on my Network check box. Also make sure that the files that are signed by SHA256 are saved in the specified trusted location.

    Note Since Office 2007 does not support SHA256 , Macro based Add-ins or Macro Enabled Files or COM Add-ins signed by SHA256 will not be trusted if Require Applications to be signed by Trusted Publisher option is enabled. You may also have to disable the Require Applications to be signed by Trusted Publisher option.
Properties

Article ID: 3090063 - Last Review: 05/13/2016 19:14:00 - Revision: 1.1

2007 Microsoft Office Suite Service Pack 1, 2007 Microsoft Office Suite Service Pack 2, 2007 Microsoft Office Suite Service Pack 3

  • KB3090063
Feedback