We have a VBA script in Outlook that generates a popup when sending external emails. Apparently the script's signature expired over the weekend. The person who signed it is no longer here. I see the certificate in the CA on our DC but no option to renew.
I've generated a code signing cert and imported it into my computer but the VBA editor keeps saying No usable signing certificates are available. I see the cert in my cert store. The template says "Code Signing" instead of original cert "%ORG% Code Signing" if that matters.
I really have no idea what I'm doing and have spent hours digging online and researching to get this far. I'm at a dead end and could use some help getting this signed again. If there is a better more modern alternative to get a user prompt for external recipients let me know.
Sorry, I'm not a big expert here, but will still try to add my 5 cents...
First of all, have you tried self-signed certificate? It is easier to debug, will help you test locally. https://social.technet.microsoft.com/Forums/lync/en-US/6b06b276-4266-4f29-ae22-2a3c86c4238f/certificate-for-digital-signature?forum=outlook
Next, are you sure you have imported private key as well with the certificate? Most probably you will need it, as far as I understand the signing mechanism (sorry if I will mislead you; if you are buying the idea of private key, kindly check how to install it there: https://security.stackexchange.com/questions/25996/how-to-import-a-private-key-in-windows - you'll need PFX instead of CER, otherwise no private key is imported).
Last, in which container in your certificate store have you imported your certificate? It might also impact the outcome. https://answers.microsoft.com/en-us/msoffice/forum/all/vba-i-installed-digital-signing-certificate-but/231529b1-8099-4c7b-9bb6-2c36aeba00a4
Steps to get certificate for signing
Manage User CertificatesPersonal>All Tasks>Request New CertificateActive Directory Enrollment Policy>NextCode Signingtemplate and clickEnrollVBA editor should now see the certificate and allow you to sign the script.
If using the signed script across a domain, the certificate will need to be exported and then added to a group policy to be imported on each machine that will use the script.