Before you can sign your PowerShell code you’ll need to have a code-signing certificate. If you’re selling your powershell, you’ll want a certificate from a public CA, and there are ways to create your own certificate, but I’ll be focusing on how to do it with an Active Directory Certification Authority.
First, you’ll need to tell your CA that it can issue Code Signing Certificates. Open the Certification Authority management console, expand to show Certificate Templates. Then choose New and Certificate Template to Issue.
Then select the Code Signing template.
Now close out the Certification Authority console. Then open an MMC with your certificates. To do this open an MMC, add the Certificates Snap-In, and choose your user account as the context.
Once this is open, right-click on your Personal certificate store, choose All Tasks, and Request New Certificate.
In the certificate request wizard, click next, make sure Active Directory Enrollment is selected, click next, check the box for code signing and then click Enroll.
You now have a certificate that can be used for PowerShell code signing.