Code signing without exe

I know this isn’t quite in the right domain to ask but hope someone may have had similar needs and know the answer. I have a code signing certificate but in some cases would like to sign an .xlsm file rather than either code sign the exe or even a code signed installer via Paquet Builder.

Microsoft guidance seems a little unclear but my attempts in code signing the .xlsm file from the VBA window runs, hangs and then on exit always reports it as unable to sign. Guidance from Sectigo is far too painful to keep putting oneself through that!

Therefore may I ask if it is possible simply to code sign the macro enabled spreadsheet and if so can you point me in the right direction to some comprehensive guidance.

Thank you,


Maybe this can be helpful:

Thank you but this is the guide I have followed. When I get to the appropriate step 5 the system just hangs (no clue as to whether anything is processing). If you close the file - you’ll get “unable to sign” message. Am not sure whether leaving the “hang” status for any longer period of time would make any difference.


Download the Windows SDK, and install the Code Signing component.
Once installed go to the install path, on my local workstation it was here: C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86
Copy the x86 version of SignTool.exe to your working path: C:[workingpath]\SignTool.exe
Download and run the Microsoft Office Subject Interface Package, during the installer it will ask for an installation path, choose a path like: C:[workingpath]\MSOSIP and
Make sure the Microsoft Redistributable are installed
Open a Admin powershell window (MAKE SURE YOU ARE IN ADMINISTRATOR MODE) and navigate to C:[workingpath]\ and type
regsvr32.exe .\MSOSIP\msosip.dll
regsvr32.exe .\MSOSIP\msosipx.dll

You should then be able to code sign the .xlsm from the VBE Tools - Digital Signature. The trick seems to be when installing those dll files you must be the administrator - otherwise you’ll just get issue after issue!

Not yet found out how to prove the signature is in place other than going to VBE Tools - Digital Signature as the file Properties tab isn’t showing it. One step closer though!

1 Like

Hi Dave,

ok, let’s try.

win + R

file - add snap in - certificates - own user account - ok

own certificates - right click - all tasks - import- your certificate


try double click on your certificate.pfx and import

open your file (xlsm)
in microsoft visual basic go to extras digital signatur and choose your certificate

regards Frank

Hi Frank

The method explained in my update does work. I posted it because the general advice is lacking and when someone helped me with these updated instructions it worked for them but not me. It was resolved for me only when the dll files were put back into powershell in administrator mode.

The latter query is about proving that the code signature is in place. I thought you could view the certificate from the Properties tab but it is not visible there. The only place I can find to check it exists is from the VB Editor and Tools and Digital Signature, That is fine but if you wanted a user to check the validity of the code sign then prompting them to the VB Editor/Developer tab probably isn’t wise. Thanks.

1 Like