Obtain a digital certificate to create a digital signature

This article describes how to obtain a digital certificate to create a digital signature, and why you have to have a digital signature (or digital ID) to digitally sign your documents. To work with digital signatures in a Microsoft Word 2010 document, Excel 2010 spreadsheet, or PowerPoint 2010 presentation, click the following link:

Add or remove a digital signature in Office files

In this article


Get a digital signature from a certificate authority or a Microsoft partner

If you plan to exchange digitally-signed documents together with other people, and you want the recipients of your documents to be able to verify the authenticity of your digital signature, you can obtain a digital certificate from a reputable third-party certificate authority (CA) or from Office Marketplace.

Office Marketplace

To get a digital certificate from a trusted Microsoft partner, go to Office Marketplace, Digital Signing, where you can purchase a digital certificate from a third-party certificate authority (CA) (certificate authority (CA): A commercial organization that issues digital certificates, keeps track of who is assigned to a certificate, signs certificates to verify their validity, and tracks which certificates are revoked or expired.) with an Office Marketplace listing.

Top of Page Top of Page

Create a digital certificate to digitally sign a document immediately

If you do not want to purchase a digital certificate from a third-party certificate authority (CA), or if you want to digitally sign your document immediately, you can create your own digital certificate.

  1. In Windows, click the Start button. Select All Programs.
  2. Click the Microsoft Office folder, then click the Microsoft Office 2010 Tools folder.
  3. Click Digital Certificate for VBA Projects.
  4. On the Create Digital Certificate dialog box, type a name for your certificate,
  5. Click OK.

 Important   If you digitally sign a document by using a digital certificate that you created, and then you share the digitally-signed file, other people cannot verify the authenticity of your digital signature without manually deciding to trust your self-signed certificate.

The following image is an example of the Create Digital Certificate dialog.

Create Digital Signature dialog

 Note   To learn more about digital IDs in Microsoft Outlook 2010, see Get a digital ID

Top of Page Top of Page

What is a digital signature?

A digital signature is an electronic, encrypted, stamp of authentication on digital information such as e-mail messages, macros, or electronic documents. A signature confirms that the information originated from the signer and has not been altered.

The following image is an example of a signed signature line in an Office file.

Signature line with signature

Signing certificate and certificate authority

Signing certificate     To create a digital signature, you have to have a signing certificate, which proves identity. When you send a digitally-signed macro or document, you also send your certificate and public key. Certificates are issued by a certification authority, and like a driver’s license, can be revoked. A certificate is usually valid for a year, after which, the signer must renew, or get a new, signing certificate to establish identity.

 Note   You can learn more about public and private keys in this article.

Certificate authority (CA)     A certificate authority is an entity similar to a notary public. It issues digital certificates, signs certificates to verify their validity, then and tracks which certificates have been revoked or have expired. Microsoft Office has several solutions for obtaining certificates through Office Marketplace, Digital Signing.

Digital signature assurances

  • Authenticity     The signer is confirmed as the signer.
  • Integrity     The content has not been changed or tampered with since it was digitally signed.
  • Non-repudiation     Proves to all parties the origin of the signed content. Repudiation refers to the act of a signer denying any association with the signed content.
  • Notarization     Signatures in Microsoft Word 2010, Excel 2010, or PowerPoint 2010 files, which are time stamped by a secure time-stamp server, under certain circumstances, have the validity of a notarization.

To make these assurances, the content creator must digitally sign the content by using a signature that satisfies the following criteria:

  • The digital signature is valid.
  • The certificate associated with the digital signature is current (not expired).
  • The signing person or organization, known as the publisher, is trusted.

 Important   Signed documents, which have a valid time stamp, are considered to have valid signatures, regardless of the age, or revocation status, of the signing certificate.

  • The certificate associated with the digital signature is issued to the signing publisher by a reputable certificate authority (CA).

Top of Page Top of Page

 
 
Applies to:
Access 2010, Excel 2010, PowerPoint 2010, Word 2010