PowerShell Code Signing (Part 1/2)

Before you can sign your PowerShell code you’ll need to have a code-signing certificate.  If you’re selling your powershell, you’ll want a certificate from a public CA, and there are ways to create your own certificate, but I’ll be focusing on how to do it with an Active Directory Certification Authority.

First, you’ll need to tell your CA that it can issue Code Signing Certificates.  Open the Certification Authority management console, expand to show Certificate Templates.  Then choose New and Certificate Template to Issue.

CertPS1 (1)

Then select the Code Signing template.

CertPS1 (2)

Now close out the Certification Authority console.  Then open an MMC with your certificates.  To do this open an MMC, add the Certificates Snap-In, and choose your user account as the context.

CertPS1 (3)

Once this is open, right-click on your Personal certificate store, choose All Tasks, and Request New Certificate.

CertPS1 (4)

In the certificate request wizard, click next, make sure Active Directory Enrollment is selected, click next, check the box for code signing and then click Enroll.

CertPS1 (5) CertPS1 (6) CertPS1 (7)

You now have a certificate that can be used for PowerShell code signing.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s