1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Renew Certificate

Discussion in 'General Malware And Security' started by solboy, Dec 29, 2008.

  1. solboy

    solboy Guest

    Hi everyone:

    My question is the following. I've hundreds of macros signed with a
    certificate from my own Microsoft CA. The certificate is just valid till
    next January 14th. I would like to renew the certificate so I had not to
    sign all macros again. What do I have to do so I can renew the certificate
    without having to sign all macros again??

    It's very important for me because it's a lot of work signing all macros
    again

    Thanks in advance
     
    solboy, Dec 29, 2008
    #1
  3. Brian Komar \(MVP\)

    Brian Komar \(MVP\) Guest

    When you signed the macros, did you apply a timestamp to the signature.
    I do not think so, so you are looking at having to re-sign the macros.
    A renewed certificate will have a different thumbprint and serial number
    (even if you renew with the same key pair)

    Brian

    "solboy" <crespo_santamaria@hotmail.com> wrote in message
    news:7561284D-D713-4425-A8E3-3946E54968DD@microsoft.com...<!--coloro:blue--><span style="color:blue <!--/coloro-->
    > Hi everyone:
    >
    > My question is the following. I've hundreds of macros signed with a
    > certificate from my own Microsoft CA. The certificate is just valid till
    > next January 14th. I would like to renew the certificate so I had not to
    > sign all macros again. What do I have to do so I can renew the certificate
    > without having to sign all macros again??
    >
    > It's very important for me because it's a lot of work signing all macros
    > again
    >
    > Thanks in advance <!--colorc--><!--/colorc-->
     
    Brian Komar \(MVP\), Dec 29, 2008
    #2
  4. solboy

    solboy Guest

    Thanks Brian How can I apply a timestamp when I sign a macro?. Can't I do
    anything else to avoid signing again macros???. If I apply a timestamp, is
    that timestamp for ever???. Can I apply a timestamp forever???

    Thanks in advance



    "Brian Komar (MVP)" <brian.komar@nospam.identit.ca> escribió en el mensaje
    de noticias:OA8Pg9caJHA.5440@TK2MSFTNGP02.phx.gbl...<!--coloro:blue--><span style="color:blue <!--/coloro-->
    > When you signed the macros, did you apply a timestamp to the signature.
    > I do not think so, so you are looking at having to re-sign the macros.
    > A renewed certificate will have a different thumbprint and serial number
    > (even if you renew with the same key pair)
    >
    > Brian
    >
    > "solboy" <crespo_santamaria@hotmail.com> wrote in message
    > news:7561284D-D713-4425-A8E3-3946E54968DD@microsoft.com...<!--coloro:green--><span style="color:green <!--/coloro-->
    >> Hi everyone:
    >>
    >> My question is the following. I've hundreds of macros signed with a
    >> certificate from my own Microsoft CA. The certificate is just valid till
    >> next January 14th. I would like to renew the certificate so I had not to
    >> sign all macros again. What do I have to do so I can renew the
    >> certificate without having to sign all macros again??
    >>
    >> It's very important for me because it's a lot of work signing all macros
    >> again
    >>
    >> Thanks in advance<!--colorc--><!--/colorc-->
    > <!--colorc--><!--/colorc-->
     
    solboy, Dec 29, 2008
    #3
  5. Brian Komar \(MVP\)

    Brian Komar \(MVP\) Guest

    If you side the macros with the SDK, the Signtool utility allows you to
    apply a time stamp to the digital signature.
    The time stamping service (you need to purchase a hardware device or
    subscribe to a time stamping service on the Internet), will validate that
    the applied signature was valid - at the time of time stamping.
    This allows code to be trusted even if the code signing certificate is
    revoked, becomes time invalid, etc.
    Just search on code signing or check out chapter 25 in the PKI 2008 book I
    wrote from MS PRess
    Brian

    "solboy" <crespo_santamaria@hotmail.com> wrote in message
    news:elYuKMdaJHA.1328@TK2MSFTNGP02.phx.gbl...<!--coloro:blue--><span style="color:blue <!--/coloro-->
    > Thanks Brian How can I apply a timestamp when I sign a macro?. Can't I do
    > anything else to avoid signing again macros???. If I apply a timestamp,
    > is that timestamp for ever???. Can I apply a timestamp forever???
    >
    > Thanks in advance
    >
    >
    >
    > "Brian Komar (MVP)" <brian.komar@nospam.identit.ca> escribió en el mensaje
    > de noticias:OA8Pg9caJHA.5440@TK2MSFTNGP02.phx.gbl...<!--coloro:green--><span style="color:green <!--/coloro-->
    >> When you signed the macros, did you apply a timestamp to the signature.
    >> I do not think so, so you are looking at having to re-sign the macros.
    >> A renewed certificate will have a different thumbprint and serial number
    >> (even if you renew with the same key pair)
    >>
    >> Brian
    >>
    >> "solboy" <crespo_santamaria@hotmail.com> wrote in message
    >> news:7561284D-D713-4425-A8E3-3946E54968DD@microsoft.com...<!--coloro:darkred--><span style="color:darkred <!--/coloro-->
    >>> Hi everyone:
    >>>
    >>> My question is the following. I've hundreds of macros signed with a
    >>> certificate from my own Microsoft CA. The certificate is just valid till
    >>> next January 14th. I would like to renew the certificate so I had not to
    >>> sign all macros again. What do I have to do so I can renew the
    >>> certificate without having to sign all macros again??
    >>>
    >>> It's very important for me because it's a lot of work signing all macros
    >>> again
    >>>
    >>> Thanks in advance<!--colorc--><!--/colorc-->
    >> <!--colorc--><!--/colorc--><!--colorc--><!--/colorc-->
     
    Brian Komar \(MVP\), Dec 29, 2008
    #4
  6. solboy

    solboy Guest

    And that book you wrote can you tell me the title so I can look for it?

    Thanks in advance



    "Brian Komar (MVP)" <brian.komar@nospam.identit.ca> escribió en el mensaje
    de noticias:F0C1B098-0026-4EC7-A618-65F91FB74E8A@microsoft.com...<!--coloro:blue--><span style="color:blue <!--/coloro-->
    > If you side the macros with the SDK, the Signtool utility allows you to
    > apply a time stamp to the digital signature.
    > The time stamping service (you need to purchase a hardware device or
    > subscribe to a time stamping service on the Internet), will validate that
    > the applied signature was valid - at the time of time stamping.
    > This allows code to be trusted even if the code signing certificate is
    > revoked, becomes time invalid, etc.
    > Just search on code signing or check out chapter 25 in the PKI 2008 book I
    > wrote from MS PRess
    > Brian
    >
    > "solboy" <crespo_santamaria@hotmail.com> wrote in message
    > news:elYuKMdaJHA.1328@TK2MSFTNGP02.phx.gbl...<!--coloro:green--><span style="color:green <!--/coloro-->
    >> Thanks Brian How can I apply a timestamp when I sign a macro?. Can't I do
    >> anything else to avoid signing again macros???. If I apply a timestamp,
    >> is that timestamp for ever???. Can I apply a timestamp forever???
    >>
    >> Thanks in advance
    >>
    >>
    >>
    >> "Brian Komar (MVP)" <brian.komar@nospam.identit.ca> escribió en el
    >> mensaje de noticias:OA8Pg9caJHA.5440@TK2MSFTNGP02.phx.gbl...<!--coloro:darkred--><span style="color:darkred <!--/coloro-->
    >>> When you signed the macros, did you apply a timestamp to the signature.
    >>> I do not think so, so you are looking at having to re-sign the macros.
    >>> A renewed certificate will have a different thumbprint and serial number
    >>> (even if you renew with the same key pair)
    >>>
    >>> Brian
    >>>
    >>> "solboy" <crespo_santamaria@hotmail.com> wrote in message
    >>> news:7561284D-D713-4425-A8E3-3946E54968DD@microsoft.com...
    >>>> Hi everyone:
    >>>>
    >>>> My question is the following. I've hundreds of macros signed with a
    >>>> certificate from my own Microsoft CA. The certificate is just valid
    >>>> till next January 14th. I would like to renew the certificate so I had
    >>>> not to sign all macros again. What do I have to do so I can renew the
    >>>> certificate without having to sign all macros again??
    >>>>
    >>>> It's very important for me because it's a lot of work signing all
    >>>> macros again
    >>>>
    >>>> Thanks in advance
    >>><!--colorc--><!--/colorc--><!--colorc--><!--/colorc-->
    > <!--colorc--><!--/colorc-->
     
    solboy, Dec 30, 2008
    #5
  7. Brian Komar \(MVP\)

    Brian Komar \(MVP\) Guest

    You really need to learn how to use google <G>

    Brian

    "solboy" <crespo_santamaria@hotmail.com> wrote in message
    news:4C31CB9D-2774-4963-A2DC-33823B589644@microsoft.com...<!--coloro:blue--><span style="color:blue <!--/coloro-->
    > And that book you wrote can you tell me the title so I can look for it?
    >
    > Thanks in advance
    >
    >
    >
    > "Brian Komar (MVP)" <brian.komar@nospam.identit.ca> escribió en el mensaje
    > de noticias:F0C1B098-0026-4EC7-A618-65F91FB74E8A@microsoft.com...<!--coloro:green--><span style="color:green <!--/coloro-->
    >> If you side the macros with the SDK, the Signtool utility allows you to
    >> apply a time stamp to the digital signature.
    >> The time stamping service (you need to purchase a hardware device or
    >> subscribe to a time stamping service on the Internet), will validate that
    >> the applied signature was valid - at the time of time stamping.
    >> This allows code to be trusted even if the code signing certificate is
    >> revoked, becomes time invalid, etc.
    >> Just search on code signing or check out chapter 25 in the PKI 2008 book
    >> I wrote from MS PRess
    >> Brian
    >>
    >> "solboy" <crespo_santamaria@hotmail.com> wrote in message
    >> news:elYuKMdaJHA.1328@TK2MSFTNGP02.phx.gbl...<!--coloro:darkred--><span style="color:darkred <!--/coloro-->
    >>> Thanks Brian How can I apply a timestamp when I sign a macro?. Can't I
    >>> do anything else to avoid signing again macros???. If I apply a
    >>> timestamp, is that timestamp for ever???. Can I apply a timestamp
    >>> forever???
    >>>
    >>> Thanks in advance
    >>>
    >>>
    >>>
    >>> "Brian Komar (MVP)" <brian.komar@nospam.identit.ca> escribió en el
    >>> mensaje de noticias:OA8Pg9caJHA.5440@TK2MSFTNGP02.phx.gbl...
    >>>> When you signed the macros, did you apply a timestamp to the signature.
    >>>> I do not think so, so you are looking at having to re-sign the macros.
    >>>> A renewed certificate will have a different thumbprint and serial
    >>>> number (even if you renew with the same key pair)
    >>>>
    >>>> Brian
    >>>>
    >>>> "solboy" <crespo_santamaria@hotmail.com> wrote in message
    >>>> news:7561284D-D713-4425-A8E3-3946E54968DD@microsoft.com...
    >>>>> Hi everyone:
    >>>>>
    >>>>> My question is the following. I've hundreds of macros signed with a
    >>>>> certificate from my own Microsoft CA. The certificate is just valid
    >>>>> till next January 14th. I would like to renew the certificate so I had
    >>>>> not to sign all macros again. What do I have to do so I can renew the
    >>>>> certificate without having to sign all macros again??
    >>>>>
    >>>>> It's very important for me because it's a lot of work signing all
    >>>>> macros again
    >>>>>
    >>>>> Thanks in advance
    >>>><!--colorc--><!--/colorc-->
    >> <!--colorc--><!--/colorc--><!--colorc--><!--/colorc-->
     
    Brian Komar \(MVP\), Dec 30, 2008
    #6

Share This Page