J
JGlowski
Re-Posting per conseirge:
I'm trying to find a definative answer concerning security requirements of
COM ADD-INs created using VSTO and VB.NET 2005 for Excel 2003 and 2007. I
have people in my organization that feel having signed all the dlls with my
Publisher's Cert. and having that certificate in the "Trusted Publishers
Store" should be enough to run the COM Add-IN in Excel (2003 and 2007). They
feel we should not have to give explicit permission to the Publisher in the
NET Framework Runtime Security if the Publisher is already in the Trusted
Publisher Store.
I can only get it working on a client PC by setting the Runtime Security.
Our CA is in Trusted Root Certificate Authorities and my Publisher's
Certificate is in the Trusted Publisher's Store. It's even visible from
Excel's Trusted Publishers list. However, the COM add-in only runs if I add
myself to the NET Framework Runtime Security.
I need something that clearly states that the Trusted Publisher Store can or
cannot be used and whether or not using the Runtime Security is the only way
to allow a VSTO/ VB.NET 2005 COM ADD_IN to run.
I'm trying to find a definative answer concerning security requirements of
COM ADD-INs created using VSTO and VB.NET 2005 for Excel 2003 and 2007. I
have people in my organization that feel having signed all the dlls with my
Publisher's Cert. and having that certificate in the "Trusted Publishers
Store" should be enough to run the COM Add-IN in Excel (2003 and 2007). They
feel we should not have to give explicit permission to the Publisher in the
NET Framework Runtime Security if the Publisher is already in the Trusted
Publisher Store.
I can only get it working on a client PC by setting the Runtime Security.
Our CA is in Trusted Root Certificate Authorities and my Publisher's
Certificate is in the Trusted Publisher's Store. It's even visible from
Excel's Trusted Publishers list. However, the COM add-in only runs if I add
myself to the NET Framework Runtime Security.
I need something that clearly states that the Trusted Publisher Store can or
cannot be used and whether or not using the Runtime Security is the only way
to allow a VSTO/ VB.NET 2005 COM ADD_IN to run.