Actually, I just hit this problem and it turned into a significant
mess. If you've recently installed IE7 on the PC you use to sign code,
that's the problem.
We're using a certificate from Thawte that we purchased last spring to
sign our VBA projects. After I installed Internet Explorer 7, I found
I could no longer sign projects. Turns out that IE7 uses a new form of
certificate when signing (this only affects the signing machine).
The solution: contact Thawte or Verisign or whomever, and have them
reissue (free) your certificate. Then delete your old certificate in
IE 7, and reimport the new certificate into IE 7. Then you can sign
projects again.
HOWEVER: be forewarned. Once you get a reissued certificate, your old
certificate becomes invalid. If you timestamped your signature, then
your old signatures will work, altho they'll be noted as expired. If
you have not timestamped your old projects (which sadly, I had not
because I didn't know about that), your old signatures will be noted
as revoked. Timestamping for Thawte certificates is described here:
http://search.thawte.com/thawte/solution.jsp?id=vs9288)
Note that users who have upgraded to IE7 do not get any problems with
the old certificate; it only affects the signing machine. Had I known
that our old certificate would be marked as revoked, I would have
bought a new certificate and used it to sign new projects, while
retaining the usability of the old. We didn't do that, and now all of
our existing products have a revoked certificate, which sucks!
gary
