1. Developing Integrated Spreadsheets Using Oracle Visual Builder Add-in for Excel
  2. Security
  3. The Digital Certificate

The Digital Certificate

The artifacts that make up the Oracle Visual Builder Add-in for Excel are signed with a digital certificate. The digital signature proves the authenticity of these artifacts and verifies the identity of the publisher, Oracle. Digital signatures are created using certificates issued from trusted certificate authorities.

Certificates are used to sign artifacts during the product build process. All "sign-able" artifacts are signed starting with the installer (MSI) file and including all the DLLs that make up the add-in.

Note:

This topic provides the procedures in Windows Explorer to view and install the certificate as well as copy the certificate's public key. Be aware that the steps may be different for different editions and versions of Windows. Check the documentation for your version of Windows for more information.

Can I inspect the certificate?

You can inspect these certificates before and after installation to verify the authenticity of the add-in's artifacts.

To do so, navigate to the installer file (vbafe-installer-all-users.msi for the all-users installer), open the Properties window, then select the Digital Signatures tab.

Caution:

If the Digital Signatures tab is missing on the installer, discard the file. It may not be authentic.

Expired Signatures

An expired certificate doesn't mean that the signature is invalid. A properly timestamped signature remains valid well after the "valid from/to" date range shown in the certificate.

To get the latest certificate, upgrade to the latest available version of the add-in.

Trusted Publishers

Microsoft Excel offers an optional trust center setting called Require Application Add-ins to be signed by Trusted Publisher.

To use this feature, install the certificate:

  1. From the Digital Signatures tab, select the signature from the Signature list and click Details.
  2. From the Digital Signature Details dialog, select the General tab, then click View Certificate.
  3. From the General tab of the Certificate dialog, click Install Certificate....
  4. From the Certificate Import Wizard, choose either Local Machine for the all users installer or Current User for the current user installer.
  5. Click Next.
  6. Select Place all certificates in the following store and then click Browse.
  7. From the Select Certificate Store dialog, select "Trusted Publisher" and then click OK.
  8. Click Next, then Finish to close the wizard.

The certificate now appears in Excel's Trust Center.

Please consult Microsoft documentation for more information.

The Public Key

To get a copy of the public key associated with the add-in's digital certificate:

  1. From the Digital Signatures tab, select the signature from the Signature list and click Details.
  2. From the Digital Signature Details dialog, select the General tab, then click View Certificate.
  3. From the Certificate dialog, select the Details tab, then select Public Key from the list.
  4. Click Copy to file....
  5. Follow the instructions in the Certificate Export Wizard.

The Add-in's Certificate Update Cycle

Oracle acquires a new digital certificate approximately every two years. Once available, subsequent releases of the add-in are signed with the new certificate.

If you have installed the certificate and public key previously, you may need to repeat that process after you upgrade to a new version of the add-in signed with a new certificate.