Security prompt for unsigned add-ins

Thanks Jeremy.  The add-ins I'm having trouble with do not have certificates associated with them, so I see now why it's impossible for me to completely eliminate the security prompt unless I create and install my own certificates, as recommended in the thread.  I'll give that a shot.  Thanks again for your help.

Thanks Troy.  As it turns out, the add-ins I'm having trouble with did not come with certificates, so there's nothing to install, manually or otherwise.  I'm looking into creating my own certificates to go with the add-ins.  Thanks again for responding.

I will be interested in any feedback. We have some (only) computers on the network that continually ask the Always Load question. In other cases answering Always Load does what is expected, i.e. does not ask again until the addin changes. We also do not have certificates, and cannot edit the registry without getting access to the original 10 Commandments and making it 11. Using Revit 2017 and it has only happened recently. Dale

For unsigned addins, you can add their addin GUID to the registry to prevent the "Always Load" prompt from coming up.

You can find my original explaination here: https://www.revitforum.org/architecture-general-revit-questions/31547-revit-2017-signed-addins-not-a...

Here is what I posted:

Unsigned certificates
I have created a batch file that will create a registry DWORD (32-bit) Value for each of the addins in the following location:

HKEY_CURRENT_USER\SOFTWARE\Autodesk\Revit\Autodesk Revit 2017\CodeSigning\

The name of the DWORD is the GUID found inside the .addin file called <AddInId>. The DWORD value is 1. (See screenshot attached below)


Here is an example for importing my BIM Consortium addin, which is currently unsigned, into the registry. You can add all of the addin GUIDs to the reg file instead of doing each one individually.

bimcon.reg file:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Autodesk\Revit\Autodesk Revit 2017\CodeSigning]
"08286877-1fdf-4dec-bb62-0a6259c5aedb"=dword:00000001

bimcon.bat file

reg import bimcon.reg

Update: I self-signed one of the add-ins I'm having trouble with using my own CA, but unfortunately I'm still occasionally getting the prompt about that add-in (along with the other two, which I did not sign yet).  I have verified, from the text of the security prompt, that Revit is looking at the new, signed version of the .dll file, based on the time-date stamp displayed.  So self-signing the add-in's .dll file is not working for me.

I then tried to implement Troy's suggestion of manually adding the DWORD key with the GUID for my add-in, with value 1, to my registry, but when I made this attempt I found that such a DWORD key already existed, so I could not add it again (due to the conflict in the key names, both being named for the same GUID).  Apparently I already had that implemented, but it also is not preventing the occasional security prompt.

I'm open to any other suggestions, but it's starting to look like my users will just have to live with this occasional annoyance, at least until we upgrade to Revit 2018, and/or drop the use of the three add-ins that are triggering the security prompts, or until the creators of the add-ins issue signed versions.

George

Is this still a viable solution to self signing plugins?

Thanks