This blog describes the steps to add NumXL as a Trusted Publisher to address the problem of running NumXL add-ins after the MIS/IT department implemented new security policies that restricted application add-ins and macros in Microsoft Excel via the Microsoft Trust Center.

Trusted Publisher in Microsoft Excel

This blog stemmed from a support case involving an enterprise customer who had difficulties running NumXL add-ins after the MIS/IT department implemented new security policies that restricted application add-ins and macros in Microsoft Excel via the Microsoft Trust Center:

  1. Under the “Add-ins” section, Check or select the” Require Application Add-in to be signed by Trusted Publisher.” Option.
In this figure, the end-user selected the "require Application add-ins to be signed by Trusted Publisher" option in the Add-ins section of the Microsoft Office trust center.
  1. Under the “Macro Settings” section, Select or check the “Disable VBA macros except digitally signed macros” option.
In this figure, the end-user selected the "Disable VBA macros except digitally signed macros" option in the Macros settings section of the Microsoft Office trust center.
Although Spider Financial adheres to the best security practices and digitally codesigned the NumXL application and its associated macros, the end-user “Trusted Publishers” list did not include the public certificate of our codesigning key. Consequently, Microsoft Excel deactivated the NumXL add-ins and displayed a security warning message regarding the disabled active content.
In this figure, Microsoft Excel deactivated NumXL add-ins and macros and displayed a warning message for the deactivated content to the end user.

Resolution I:

The Warning message above includes a button to enable the add-in only for the current session but to make it permanent, you’d need to click on the link in the warning message to take you to “File->Info”:
The security warning button is located in the info section under the file tab. You can also access it by clicking on the link in the warning message. Next, This figure shows the security warning button. Press the down arrow on the button and select the Advanced options option.
Now, press on the “Enable Content” button, then select “Advanced Options”:
In this figure, Excel summarizes the issues found in the active content and gives the end user a few options to enable them for this session or permanently.

Now, you can add Spider Financial as a “Trusted Publisher,” and the security warning will not reappear.

The advantages of this approach are that it does not require heightened security permissions, meaning there is no need to contact the system administrator to add Spider Financial as a trusted publisher in the end-user list, unlike the local machine.

IMPORTANT: This approach may not work if the MIS/IT department enforces additional policies that prevent end-users from adding to the trusted publisher’s list or instructs Microsoft Office to disregard the end-user’s “Trusted Publishers” list. In that case, let’s consider the second approach.

Resolution II:

Starting with version 1.69.5, the NumXL installer, using its elevated permission, attempts to add the public certificate to the local machine’s “Trusted Publisher” list. For older NumXL versions or if the installer fails to add the certificate, you should manually add it, as described below.
To add or remove a public certificate from the “Trusted Publishers” list, launch the Microsoft Management Console (MMC) application by typing “mmc.exe” in a command window. The MMC requires elevated security permission, so you must call your administrator to complete this method.
After we launch the management console, the main window is blank and has no snap-on or content.
Next, use the menu to press “File” and select “Add/Remove Snap-in.”
Select “certificates” from the list of Snap-ins and press the “Add >” button (between the two panels). Then, select the “Computer Account” for your “local machine.”
In this window, the user selects the certificate snap-on of the computer account for the current machine. Press the OK button to finish
Press the OK to complete.
Now, select “Trusted Publishers” in the tree view in the left panel, and with your mouse, right-click in the right-hand panel and select “All Tasks->Import” from the popup menu.
The user selected (and expanded) the Trusted Publisher folder in the left-side panel, then, in the empty part of the right-side panel, press the right mouse button to display a popup menu, select the Import task (found under all tasks)
The certificate import wizard appears and asks for the certificate file. The NumXL public certificate file for the code-signing key can be found in the NumXL installation folder (e.g., C:\Program Files\NumXL).
In the certificate import wizard, the user selected the Spider Financial public certificate file (NumXL.cer) found in NumXL installation directory. Press the "Finish" button to finish the import
That’s all. The “Trusted Publishers” list should include Spider Financial.
Restart Microsoft Excel.

Leave a Reply

Your email address will not be published. Required fields are marked *

We are glad you have chosen to leave a comment. Please keep in mind that comments are moderated according to our comment policy.

Categories

Popular Tags

NumXL by Spider Financial

Useful Links

NumXL Tips & Tricks Newsletter

* You can unsubscribe anytime.

Facebook X-twitter Linkedin Youtube

© 2024 Spider Financial Corp | | Terms & Conditions | Disclaimer | Privacy Policy | Trademarks & Copyrights