Clever Geek Handbook

Deploying VSTO Add-in on Windows 8 without a Signed Certificate

I wrote a Word VSTO add-in that I would like to give to some colleagues and friends. I originally wanted to use ClickOnce for deployment because it is easy to set up for me and also very easy to install. Deploying my add-in works fine on Windows 7, but I have some problems with Windows 8 / 8.1. SmartScreen Filter complains about my add-on and prevents installation entirely. HereI figured out that the problem was that I hadn't signed the add-in with a real certificate. The only solution seems to be to force the user to "install a test certificate in the trusted publishers store" (which they highly recommend) or get a certificate from an authority, which is not an option for me as I'm just a hobby developer and don't want to pay hundreds of dollars / euros per year for a certificate.

So, is there any other way to deploy the add-in without a certificate? Can I use a different installer that doesn't require a certificate? Or does SmartScreen always block all attempts to install a VSTO add-in that is not signed with a "real" certificate, regardless of the installer?

Microsoft annoys me a lot in this regard. Why are they making it so difficult for small and independent developers to deploy their application to their users?

Any help would be really appreciated!

sr258

+3


source to share


3 answers


A certificate is required for security reasons. Instead of buying a certificate from a trusted vendor, you can configure security settings on your PC (at least disable Smart Filter) and use a test certificate. See Granting Trust in Office Solutions .



The Deploy Office Solution section on MSDN describes all the steps required to contribute Office Add-ins. You may also consider using an MSI installer (InstallShield, WiX, etc.).

+2


source


You can use Visual Studio Setup Projects

or Wix Based Setup

to deploy your VSTO add-ins.



I have distributed Signed as well as Unsigned VSTO based add-ins

. I always prefer the usual settings. The only issue I have with Untagged signed VSTO headers is that the Trust Center

Client Office setting restricts or warns the user when the Office application is first launched.

+2


source


The best solution is to distribute a zip containing the .vsto and instruct the user to click on it instead of clicking on setup.exe.

0


source






More articles:


All Articles