We are trying to give one of our user the ability to sign his macros in Excel with a certificate issued by Certficate Authority.
The Certificate Authority role is installed on the Domain Controller and our user is able to request a Code Signing certificate. The certificate appears in his personal store.
http://bit.ly/ZR9uhq
The problem happens when the user wants to select the requested certificate to sign his macros. The certificate does not appear in the list of certificates.
http://bit.ly/10n399q
I'm pretty new to this (managing certificate and using the CA role), but I'm sure I'm almost there. I'm just out of solutions, Google hasn't been my friend and I need help from people knowing that kind of stuff better.
Thanks a lot
[EDIT 1]
The only certifiacte available to sign macros is the one created by the user on his machine with the software SelfCert.exe
[EDIT 2]
Here is the Key usage value:Digital Signature (80) And here is the Enhanced key usage value: Code Signing (1.3.6.1.5.5.7.3.3)
Best Answer
I think I found where the issue was coming from.
The server I have is a Windows Server 2008 Standard, and from Microsoft's documentation it only supports version 1 of certificates.
I can create a custom certificate template for code signing, but I can't make this template available to my domain users because custom templates version is either 2 or 3.
So I can create a code signing certificate template, but my users cannot request this type of certificate as long as I don't have a Windows 2008 R2 or Enterprise or Datacenter edition that has the CA role.
The first certificate created could not be used as code signing.