Policy

Allow root or intermediate certificates as VBA trusted publishers

Microsoft Office

Back to Security SettingsBack to main
Allow root or intermediate certificates as VBA trusted publishers
Jump to overview

Policy overview

Key metadata and intent for this policy.

User
Category
Microsoft Office 2016 > Security Settings
Supported on
Windows 10

Supported OS tags: Windows10

This policy setting controls whether root and intermediate certificates can be added as trusted publishers for VBA macro validation when the VBA Macro Notification Settings policy is set to "Disable all except digitally signed macros". If you enable this policy setting, administrators can add root or intermediate certificates to the trusted publishers store. VBA macros signed by any certificate that chains to these trusted root or intermediate certificates will be considered as signed by a trusted publisher and allowed to run. If you disable or don't configure this policy setting, only end (leaf) certificates can be added as trusted publishers. Note: This policy setting only takes effect when the VBA Macro Notification Settings policy is set to "Disable all except digitally signed macros".

Internal name
L_VBADigSigChainTrustedPublishers
Policy ID
9fc55af529b1
Elements
0

Registry values

How enabled and disabled states update the registry.

ScopeRegistry locationTypeEnabled valueDisabled valueCopy
User
Path
software\policies\microsoft\office\16.0\common\security
Value name
vbadigsigchaintrustedpublishers
REG_DWORD
HKCU
1
HKCU
0
Registry location
Type REG_DWORD · User
Path
software\policies\microsoft\office\16.0\common\security
Value name
vbadigsigchaintrustedpublishers
Hive
HKCU
Enabled value
1
Disabled value
0

Policy elements

Inputs and configuration options exposed by this policy.

This policy has no additional user input fields.