Create a Code Signing Certificate And Sign Scripts With PowerShell

In this blog post, I will show you how to create a code signing certificate and sign PowerShell scripts using PowerShell.

Get Started

In some cases and environments, you might need to and forced to sign your PowerShell script in order to run it.

Using the code in this post, I will show you how to do the following:

  • Create a code signing certificate
  • Sign a PowerShell script with the self-signed certificate.

Code

Let’s start with creating a code signing certificate using the following PowerShell code which will use a variable called mycert.

$mycert = New-SelfSignedCertificate -Subject "My code signing cert" -Type
CodeSigningCert -CertStoreLocation "Cert:\CurrentUser\my"

Next, I will go ahead and sign a PowerShell script I have created before called signedscript.ps1  with the certificate we just created in the above code:

Set-AuthenticodeSignature -Certificate $mycert -FilePath .\signedscript.ps1 -Verbose

To check the certificate I will run the following cmdlet, however, you will notice that the status shows error and the reason you get it is because the certificate is self-signed.

Get-AuthenticodeSignature .\signedscript.ps1 | fl

Processing…
Success! You're on the list.