Monthly Archives: June 2012

Generate Code Signing Certificates Using An Enterprise Certificate Authority

If you’re creating macros in Microsoft Office, or other code that needs to be signed and trusted for internal use, you can easily create code signing certificates using an Enterprise Certificate Authority (ECA).

Log onto the ECA and open Server Manager

Expand Roles -> Active Directory Certificate Services

Navigate to the Certificate Templates section.  In the right hand pane, right click on the Code Signing certificate. choose Properties and click on the Security tab

Add the Read and Enroll permissions for the users that need to be able to generate certificates.


In Group Policy, add the ECA server to Trusted Sites in Internet Explorer and enable “Initialize ActiveX unsafe for scripting” for the Trusted Sites zone.  This resolve the “CA must be configured to use HTTPS authentication error.

Navigate to the ECA website address, e.g. http://%ECA_SERVER_NAME%/certsrv/

Choose Request a certificate, then choose the option for and advanced request, followed by Create and submit a request to this CA

Accept any security prompts that follow

From the certificate type drop down choose Code Signing, provide a friendly name and click Submit

Finally, click Install this certificate

The certificate is now installed and ready for use.



Scheduled Task To Run A Batch File

I recently ran into a problem where I’d scheduled a batch file to run on a Windows Server 2008 R2 server, task manager reported the task had run, but it hadn’t.

The batch file was in F:\Folder1\ and the scheduled task screen was as below

In order to get the batch file to run, I had to set the Program\script box to contain just the name of the script and place the folder path in the Start in (optional) box