We have a project for an Outlook plugin .vsto that we’re trying to sign with our generated certificate. The cert is generated from the local CA. When I added it to the project in the Signing tab, all of the information shows up and looks good. I publish and try to run it and I get the prompt stating that it cannot verify the publisher. I tried resigning it using mage and even setting the -usemanifestfortrust to true and setting the publisher name. Same result. I’ve tried resigning the .vsto and the manifest. I’ve also removed the .deploy extensions for everything and done the update through mage, all with the same result. We’re stumped.
Does anyone have any suggestions? I’ve read about 50 articles about it (which is where I got these troubleshooting ideas) but with no luck. TIA
It turns out it has something to do with the certificate template not exporting the key. We noticed that the check box in the certificate builder (allow key to be exported) on the CA was grayed out and there wasn’t any way to enable it. I had our admin look into and what he told me was that had to create a custom template, which enabled the checkbox and regenerate it. From there, all I did was sign the project with the certificate and all was good. When you run the installer it now prompts you with of the information and a green checkmark icon. And of course, if you add the cert to the trusted stores, you don’t even get the prompt. The application is for company use, so no need for Verisign.