This article describes how to obtain a digital certificate to create a digital signature, and why you have to have a digital signature (or digital ID) to digitally sign your documents. To work with digital signatures in a Microsoft Word 2010 document, Excel 2010 spreadsheet, or PowerPoint 2010 presentation, click the following link:
In this article
Get a digital signature from a certificate authority or a Microsoft partner
If you plan to exchange digitally-signed documents together with other people, and you want the recipients of your documents to be able to verify the authenticity of your digital signature, you can obtain a digital certificate from a reputable third-party certificate authority (CA)
Create a digital certificate to digitally sign a document immediately
If you do not want to purchase a digital certificate from a third-party certificate authority (CA), or if you want to digitally sign your document immediately, you can create your own digital certificate.
In Windows, click the Start button. Select All Programs.
Click the Microsoft Office folder, then click the Microsoft Office 2010 Tools folder.
Click Digital Certificate for VBA Projects.
On the Create Digital Certificate dialog box, type a name for your certificate,
Important: If you digitally sign a document by using a digital certificate that you created, and then you share the digitally-signed file, other people cannot verify the authenticity of your digital signature without manually deciding to trust your self-signed certificate.
The following image is an example of the Create Digital Certificate dialog.
Note: To learn more about digital IDs in Microsoft Outlook 2010, see Get a digital ID
What is a digital signature?
A digital signature is an electronic, encrypted, stamp of authentication on digital information such as e-mail messages, macros, or electronic documents. A signature confirms that the information originated from the signer and has not been altered.
The following image is an example of a signed signature line in an Office file.
Signing certificate and certificate authority
Signing certificate To create a digital signature, you have to have a signing certificate, which proves identity. When you send a digitally-signed macro or document, you also send your certificate and public key. Certificates are issued by a certification authority, and like a driver’s license, can be revoked. A certificate is usually valid for a year, after which, the signer must renew, or get a new, signing certificate to establish identity.
Note: You can learn more about public and private keys in this article.
Certificate authority (CA) A certificate authority is an entity similar to a notary public. It issues digital certificates, signs certificates to verify their validity, then and tracks which certificates have been revoked or have expired.
Digital signature assurances
Authenticity The signer is confirmed as the signer.
Integrity The content has not been changed or tampered with since it was digitally signed.
Non-repudiation Proves to all parties the origin of the signed content. Repudiation refers to the act of a signer denying any association with the signed content.
Notarization Signatures in Microsoft Word 2010, Excel 2010, or PowerPoint 2010 files, which are time stamped by a secure time-stamp server, under certain circumstances, have the validity of a notarization.
To make these assurances, the content creator must digitally sign the content by using a signature that satisfies the following criteria:
The digital signature is valid.
The certificate associated with the digital signature is current (not expired).
The signing person or organization, known as the publisher, is trusted.
Important: Signed documents, which have a valid time stamp, are considered to have valid signatures, regardless of the age, or revocation status, of the signing certificate.
The certificate associated with the digital signature is issued to the signing publisher by a reputable certificate authority (CA).