digitally signing an Infopath Form Template so that it can run as Full Trust

Richard has been working on an InfoPath/SharePoint project recently, and his tip relates to digitally signing an Infopath Form Template so that it can run as Full Trust.

An Infopath Form needs to run at Full Trust when Managed Code is added to the form. http://msdn.microsoft.com/en-us/library/bb251020.aspx.

To avoid purchasing a code-signing certificate you can issue a self-signed certificate. You need to make sure that the certificate that you request is a code-signing certificate. And to do this you need to enable code-signing in the certificate authority. http://www.thorprojects.com/blog/archive/2007/06/30/domain-certificate-authority-signing-infopath-2007-forms.aspx.

So far so good. The problem that I have experienced is that the certificate that is received is not trusted. And so additional steps are required to make the certificate trusted. If you do not do this then the certificate will not be available to sign the Infopath form.

Export the self-signed certificate from the Personal\Certificates node. Select both the Cryptographic Message Syntax Standard – PKCS #7 Certificates (.P7B) and Include all certificates in the certification path if possible options on the Export File Format page.

Import the exported self-signed certificate into Trusted Root Certification Authorities\Certificates node.

At this point you can sign the Infopath form. http://office.microsoft.com/en-us/infopath/HP101636661033.aspx