The information in this article applies to:
Tabs3 and PracticeMaster programs and the PracticeMaster Word document template (*.DOT and *.DOTM) files are digitally signed with a Code Signing Certificate. This "certificate" information is embedded into the actual files (e.g., stimain.dot) and tells the checking program (e.g., Microsoft Word, Internet Explorer, QuickBooks, etc.) that the template or program file is genuinely from Software Technology, Inc. The certificate also serves as proof to the checking program that the template or program file has not been altered since it was created.
There are several reasons for digitally signing executable code:
We want users of our software to be confident that running our applications is safe. Programs that use Microsoft's Authenticode™ technology (such as Microsoft® Word and QuickBooks®) check our document templates and programs to determine whether they are from a trusted source.
Document assembly templates for Microsoft Word are digitally signed.
The first time Tabs3 attempts to pass data to QuickBooks, the user will see that a certified application, Tabs3 Billing Software from Software Technology Inc., is requesting access to a QuickBooks data file. Select "Yes, always; allow access even if QuickBooks is not running". Then click the Continue button.
You will then receive a QuickBooks Access Confirmation window. Click the Done button to complete the request.
Note: If integrating QuickBooks with Tabs3 version 14.3 or earlier, Tabs3 may time out during the request process and display a Server Busy window.
If this situation occurs, click the Switch To button in order to go back to the QuickBooks Access Confirmation window. Then, click the Done button to complete the request. Once you have completed the Access Confirmation request, click the Retry button on the Tabs3 Server Busy window to begin integration.
Note: This section contains technical information about the code signing and verification processes. If you are curious about digital certificates, you may find this information helpful.
Digital code signing is based on the theory of public key cryptography. A reputable Certification Authority (CA), such as Comodo Group, Inc. or VeriSign, performs extensive background checks on all companies that apply for digital certificates. Assuming that the results of the background checks are satisfactory, the CA takes responsibility for granting a digital certificate to the publisher that applied for it. The digital certificate provided by the CA to the publisher includes the publisher's name, the publisher's public cryptographic key, and the name of the CA's certificate. The publisher is also provided with a private key, which is a code stored very securely by the publisher and is not available to anyone else.
The publisher "signs" its executable code (such as document templates and program files) by running the code through a one-way hash function that produces a fixed-length "digest". The digest is then encrypted using the publisher's private key and combined into a signature block with the name of the hash algorithm and the publisher's digital certificate. This signature block is then inserted back into the code, which is then distributed.
The checking application that uses Authenticode (in this case, Word or QuickBooks) extracts the signature, determines the signature's CA, and uses the publisher's public key to decrypt the included digest. The decrypted digest is run on the publisher's code again, creating a new digest. If the code has not been modified since it was signed, the new digest created during the process of checking the certificate should match the old digest that was created when the publisher signed the code. If the two digests do not match, it implies that either the code has been modified, or the public and private keys are not a matched pair. In either case, the code becomes suspect and the user is warned about this fact. If the two digests do match, the checking program displays a confirmation message indicating that the code is authentic; it really did come from the publisher whose certificate is included, and it has not been modified since it was created.
THE INFORMATION PROVIDED IN THE SOFTWARE TECHNOLOGY, INC. KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. SOFTWARE TECHNOLOGY, INC. DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL SOFTWARE TECHNOLOGY, INC. OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF SOFTWARE TECHNOLOGY, INC. OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.
© 1999-2012 Software Technology, Inc. All rights
reserved. Terms of Use
The maker of Tabs3 and PracticeMaster
Tabs3, PracticeMaster, and the “pinwheel” symbol (
) are registered trademarks of Software Technology, Inc.
e-Mail Suggestions for the Knowledge Base to: kb@Tabs3.com
Technical Support via e-mail is not available.
Knowledge Base: http://support.Tabs3.com
Web Site: http://www.Tabs3.com