How to sign powershell scripts

In order to sign powershell scripts, code signing certificate is needed. Finding code signing certificates from user personal certificate store and storing it to a variable called $signcert can be done using following powershell command:

$signcert = (dir cert:currentuser\my\ -CodeSigningCert)
After storing the certificate for signing into $signcert, we can use Set-AuthenticodeSignature to sign the script. I'm running the Set-AuthenticodeSignature with TimeStampServer parameter, that will provide signed script to run even though the signing certificate gets expired. In most cases this scenario will be OK.
There are a lot of TimeStampServer providers, in my example I'll use server from Comodo. So, the signing script cmdlet will look like this :

Set-AuthenticodeSignature .\scripttobesigned.ps1 $signcert -TimestampServer

There is great two part tutorial about signing scripts on:



Popular posts from this blog

How to convert string to Base64 and vice versa using Powershell

Machine domain group policy failed to apply

Install Windows Server 2012 on HP DL 380 G5