Tutorial by Examples

Signing a script is done by using the Set-AuthenticodeSignature-cmdlet and a code-signing certificate. #Get the first available personal code-signing certificate for the logged on user $cert = @(Get-ChildItem -Path Cert:\CurrentUser\My -CodeSigningCert)[0] #Sign script using certificate Se...

To change the execution policy for the default scope (LocalMachine), use: Set-ExecutionPolicy AllSigned To change the policy for a specific scope, use: Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy AllSigned You can suppress the prompts by adding the -Force switch.

Often you might need to execute an unsigned script that doesn't comply with the current execution policy. An easy way to do this is by bypassing the execution policy for that single process. Example: powershell.exe -ExecutionPolicy Bypass -File C:\MyUnsignedScript.ps1 Or you can use the shorthan...

Getting the effective execution policy for the current session: PS> Get-ExecutionPolicy RemoteSigned List all effective execution policies for the current session: PS> Get-ExecutionPolicy -List Scope ExecutionPolicy ----- --------------- MachinePolicy Undefined...

Get information about the Authenticode signature from a signed script by using the Get-AuthenticodeSignature-cmdlet: Get-AuthenticodeSignature .\MyScript.ps1 | Format-List *

When signing personal scripts or when testing code signing it can be useful to create a self-signed code signing certificate. 5.0 Beginning with PowerShell 5.0 you can generate a self-signed code signing certificate by using the New-SelfSignedCertificate-cmdlet: New-SelfSignedCertificate -Friendl...