Zotero Word Template Certificate Update

MizzouLTS · January 9, 2024

Good afternoon! I'm an IT Pro for the University of Missouri Libraries, and I noticed a certificate (Corporation for Digital Scholarship, issued by Sectigo RSA Code Signing CA) assigned to macros in the Zotero Word template file (Zotero.dom) expired on January 5th, 2024. Functionality of Zotero does not appear to be impacted at this time even though my institution rigorously enforces signed macros. The latest version available (6.0.30) and the beta (7.0.0-b.54) do not seem to include an updated certificate. Will a new certificate be issued and the template updated in the near future?

Thank you for your time, and please let me know if I can provide any additional information.

dstillman · January 9, 2024

The signature is timestamped, so it remains valid after expiration of the certificate. It's not like a website certificate where the certificate stops being valid as soon as it expires. There just can't be a new version without a new certificate.

We might include a new version with a new certificate in Zotero 7 just to avoid confusion, but the signature remains perfectly valid.

MizzouLTS · January 9, 2024

Good to know. Your explanation is very much appreciated, and I'll keep it in mind for future updates.

accercel · January 28, 2024

Hi, I have an issue with this as my institution's security settings have blocked the use of the Zotero Word plugin. Is there any chance to issue a new certificate?

dstillman · February 6, 2024

The Zotero 7 beta now includes an updated .dotm with a new certificate. Let us know if that works for you. As I say above, the current certificate should still be valid, but it's possible either Word or some institutional policies are preventing it from working as it should.