I need to create a self-signed certificate which I can use to sign different kind of Office macros (for Outlook, Excel etc.).
I must be able to use this certificate on all workstations in my domain, so about 40 different computers. They all use the same macros and I want to be able to tell Excel and Outlook to only run digitally signed macros for security reasons.
We're using Office 2016 on Windows 10
When i google how to do this, they suggest to use the SELFCERT.exe from Office root folder to create the certificate, but that only seems to work for my own workstation and not for the whole company.
I'm not experienced at all when it comes to certificates, my questions are:
- Can I use a self-signed certificate for this purpose or do I need a certificate signed by a trusted authority?
- What do I need, and where do I need to store the certificates (I think I need a codesigning cert, but do I also need a root authority certificate?)
- How can I create these certificates? I'd prefer PowerShell, but would also be happy to create them via GUI or cmd
If you know an answer I would appreciate it if you could explain it in details since I don't really know what I'm doing. Thank you very much
