Last active
November 12, 2017 17:39
tbd
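#requires -Version 5

# Creates a self-signed code-signing certificate, exports it (including the
# private key) to a password-protected PFX file, then removes it from the
# certificate store again.

# Where the PFX file is written. $env:temp is only a convenient drop location:
# the file holds the signing key, so move it somewhere access-controlled and
# delete the temp copy once you have it.
$Path = "$env:temp\codeSignCert.pfx"

# Store in which the certificate is created before it is exported.
$StoreLocation = 'Cert:\CurrentUser\My'

# Password that encrypts the PFX; you need it again to load the file later.
# Read as a SecureString so it is not echoed while typing.
$Password = Read-Host -Prompt 'Enter new password to protect certificate' -AsSecureString

# The -TextExtension value adds the Enhanced Key Usage extension (2.5.29.37)
# with the Code Signing OID (1.3.6.1.5.5.7.3.3). ExportableEncrypted is what
# allows the private key to be written into the PFX.
# NOTE: the certificate is self-signed, so signatures made with it are only
# expected to validate on machines where it has been explicitly trusted.
$certParams = @{
    KeyUsage          = 'DigitalSignature'
    KeySpec           = 'Signature'
    FriendlyName      = 'IT Sec Department'
    Subject           = 'CN=SecurityDepartment'
    KeyExportPolicy   = 'ExportableEncrypted'
    CertStoreLocation = $StoreLocation
    NotAfter          = (Get-Date).AddYears(5)
    TextExtension     = @('2.5.29.37={text}1.3.6.1.5.5.7.3.3')
}
$cert = New-SelfSignedCertificate @certParams

# Export certificate and private key. Stop on failure so the only copy of the
# key is not deleted below when nothing was written to disk.
$cert | Export-PfxCertificate -Password $Password -FilePath $Path -ErrorAction Stop

# Remove the certificate from the store. -DeleteKey also removes the
# associated private key; without it the key can be left behind on the
# machine even though the certificate entry is gone.
Remove-Item -Path (Join-Path -Path $StoreLocation -ChildPath $cert.Thumbprint) -DeleteKey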
#------------------------------------------------
# Load the certificate back from the exported PFX file. The PFX is password
# protected, so expect to be asked for the password (presumably an interactive
# prompt on PowerShell 5 - confirm on your version).
$cert = Get-PfxCertificate -FilePath (Join-Path -Path $env:temp -ChildPath 'codeSignCert.pfx')
# $cert is now a certificate object - pipe it to Get-Member (gm) to explore
# its properties and methods.
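#------------------------------------------------
# Example use: sign your own scripts with the certificate from the PFX file.

# Read in the certificate (with its private key) from a pre-existing PFX file.
$cert = Get-PfxCertificate -FilePath "$env:temp\codeSignCert.pfx"

# Find all scripts in your user profile...
# -Filter is evaluated by the file system provider; -Include re-applies the
# wildcard in PowerShell, which can drop near-matches (for example *.ps1xml)
# that the provider filter may let through. -File skips directories.
Get-ChildItem -Path $home -Filter *.ps1 -Include *.ps1 -File -Recurse -ErrorAction SilentlyContinue |
    # ...that do not have a signature yet...
    Where-Object {
        (Get-AuthenticodeSignature -LiteralPath $_.FullName).Status -eq 'NotSigned'
    } |
    # ...and apply one.
    # -WhatIf is set, so NO signing occurs. Remove it only if you really want
    # to add digital signatures to every matching script.
    # -HashAlgorithm SHA256 is requested explicitly because older PowerShell
    # versions default to SHA1 for the signature hash.
    # For real use also consider -TimestampServer <TIMESTAMP_SERVER_URL>:
    # without a timestamp, signatures stop validating once the certificate
    # expires.
    Set-AuthenticodeSignature -Certificate $cert -HashAlgorithm SHA256 -WhatIf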
# Report the Authenticode signature status of every script in your user
# profile. Unreadable folders are skipped silently (-ErrorAction
# SilentlyContinue).
Get-ChildItem -Path $home -Filter *.ps1 -Include *.ps1 -Recurse -ErrorAction SilentlyContinue |
    ForEach-Object {
        # one signature object per script file
        $_ | Get-AuthenticodeSignature
    }