I have a new digital certificate, which requires me to log in each time it's used and prevents me from exporting a pvk file to use in Visual Studio.
I have created a C# COM Addin to run in Excel (not VSTO, not ClickOnce, just a C# assembly dll registered for COM Interop) and have been able to use signtool in a post-build step to sign the dll. As this is a dongle-based certificate, I don't have (and can't create) a pfx file to use in the Visual Studio "Code Signing" step.
I created a wix bundle installer to create and install both 32- and 64-bit versions of the dll and successfully used the wix bundle signing instructions to create a signed installer.
When I run the installer and install the DLL, I can right-click the DLL and see that it's signed with my signature just fine.
In the Excel Trust Center, there's an option under "Add-ins" to "Require Application Add-ins to be signed by Trusted Publisher".
If that is unticked, my addin runs just fine.
If that option is ticked, my addin gets disabled and digging through the message reasons I find "Warning: There is no digital signature available"
I'm guessing that's because Excel is seeing mscoree as the engine and I somehow need to sign something else in the dll. But what, and how?
I've been searching but can't find the magic incantation that I need to perform to get my dll signed in a way that Excel recognises. Can anyone help?
I've tried: Signing the dll with signcode Signing the installer
Whatever I do, Excel doesn't think there's a certificate there. I'm guessing that I need to create something else in the build (manifest?) and sign that, but I've no idea what or how. At the moment, I just use the VS 'Build' process.