Q: Is it possible to have a signature valid even after the certificate expires? I sign Excel 2007 Macros (and other Office documents) and would like to obtain a timestamp so that the digital signature remains valid even after the certificate expires.
A: Yes. A certificate simply states that the code was signed when the signature was valid, and therefore, the signature remains valid as long as you still trust the original signer. It allows you to avoid having to redistribute a whole solution just because the signature expired. There is no requirement for the certificate to be purchased again. For more information, see Signing Macros Digitally to Verify the Source.
– Andrea Weiss