When creating scripts in Powershell, it’s a good idea to setup a code signing cert and add it to your cert store. Here are the steps I use(d).
First, I know MS has the New-SelfSignedCertificate natively now, but I still downloaded the one here.
Then, in Powershell ISE, just run:
1 2 New-SelfsignedCertificateEx -Subject "CN=Test Code Signing" -EKU "Code Signing" -KeySpec "Signature" ` -KeyUsage "DigitalSignature" -FriendlyName "Test code signing" -NotAfter $([datetime]::now.AddYears(5))
- Then, to sign a script, just type:
1 2 $MyCert =(dir Cert:\CurrentUser\My -CodeSigningCert) # Example Set-AuthenticodeSignature .\test.ps1 -Certificate $MyCert
- You could place the $MyCert variable in your profile on the machine you ran this on and then just have that sign all the scripts you produce.