You might have got a requirement to update the existing (deployed) office solution. If so, here are some key points related to signing certificates, that you need to keep in mind before doing this, which are suggested by msdn.
- Ensure that the solution is set up to provide the correct evidence for the security checks –
- If the old solution is signed with a trusted certificate, sign the updated solution with the same certificate. If the certificate has expired or cannot be reused, use a certificate that is trusted at the enterprise level.
- If the ClickOnce trust prompt was used for trust but the zone has been disabled, the solution will be disabled.
- If the signing key was changed, trust must be re-established by using the ClickOnce trust prompt, or the certificate must be trusted at the enterprise level. If the trust is pre-established, the first version will be uninstalled and the updated version will be installed.
- If the new certificate is trusted at the enterprise level, then the update takes place with no prompting.
- If the new certificate is not trusted, a trust prompt is displayed to the user, if the prompt is allowed.
The Office solution is published to a folder at the same directory level as the old solution, but with an incremented version number. The application and deployment manifests are replaced, so the user is automatically directed to the new version the next time the solution checks for updates.