# encoding: ascii
# api: powershell
# title:
# description: Quick script signer using the last available codesigning cert in MY cert store
# version: 0.1
# type: script
# license: CC0
# x-poshcode-id: 1768
# x-archived: 2010-04-17T07:51:28
#
#
# select the most recent code signing cert
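# Pick the code-signing certificate to use: only certificates from the current
# user's personal store whose subject matches exactly are considered, and the
# one with the latest NotBefore date (the most recently issued) wins.
$cert1 = Get-ChildItem cert:\currentuser\my -CodeSigningCert |
    Where-Object { $_.Subject -eq "E=CoE@contoso.com" } |
    Sort-Object NotBefore |
    Select-Object -Last 1

if ($cert1) {
    # -IncludeChain "All" embeds the whole certificate chain in the signature.
    # -TimeStampServer adds a timestamp to the signature.
    # NOTE(review): the timestamp URL is plain HTTP and is the one the original
    # author used; confirm it is still a service your CA supports before relying on it.
    $r = Set-AuthenticodeSignature c:\signing\Script2.ps1 -Cert $cert1 -Force -Verbose -IncludeChain "All" -TimeStampServer "http://timestamp.verisign.com/scripts/timstamp.dll"
    $r | Format-List

    # The cmdlet returns a signature object even when signing did not produce a
    # valid signature, so the status has to be checked explicitly.
    if ($r.Status -ne "Valid") {
        Write-Warning "Signing c:\signing\Script2.ps1 returned status '$($r.Status)': $($r.StatusMessage)"
    }
} else {
    # Without this guard a null certificate reaches Set-AuthenticodeSignature
    # and the failure shows up only as a parameter-binding error.
    Write-Warning "No code-signing certificate with subject 'E=CoE@contoso.com' found in cert:\currentuser\my; c:\signing\Script2.ps1 was not signed"
}

# Read the signature back from disk to confirm what is actually on the file.
Get-AuthenticodeSignature C:\Signing\Script2.ps1 | Format-List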
## Sign
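$CertPath = ""      ## path to the signing certificate .pfx file (optional)
$FilePath = ""      ## path to the script to sign
$TimeStamping = ""  ## URL of the timestamping service (optional)

# Set-AuthenticodeSignature needs a certificate object, not a file path, so the
# .pfx is loaded first. When no .pfx is given, fall back to the newest
# code-signing certificate in the current user's personal store.
if ($CertPath) {
    $signingCert = Get-PfxCertificate -FilePath $CertPath
} else {
    $signingCert = Get-ChildItem cert:\currentuser\my -CodeSigningCert |
        Sort-Object NotBefore |
        Select-Object -Last 1
}

if (-not $FilePath) {
    Write-Warning "FilePath is empty; nothing to sign"
} elseif (-not $signingCert) {
    Write-Warning "No code-signing certificate available; $FilePath was not signed"
} else {
    # Build the arguments once so the timestamp server is only passed when set.
    $signParams = @{ FilePath = $FilePath; Certificate = $signingCert }
    if ($TimeStamping) { $signParams.TimestampServer = $TimeStamping }
    Set-AuthenticodeSignature @signParams
}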
## Validate signature of scripts (list non-valid scripts)
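# Lists the path of every file in $Folder whose Authenticode signature is not
# "Valid". Set $Folder to the directory to check before running this section.
# NOTE(review): $invalidForm is not defined anywhere in this listing, so the
# StatusMessage comparison is against $null. Presumably it should hold the
# status message of files that cannot carry a signature; confirm and define it.
if (-not $Folder) {
    Write-Warning "Folder is not set; no signatures were checked"
} else {
    ForEach ($file in Get-ChildItem $Folder | Get-AuthenticodeSignature |
            Where-Object { $_.Status -ne "Valid" -and $_.StatusMessage -ne $invalidForm } |
            Select-Object -ExpandProperty Path) {
        # Emit the path so the non-valid scripts are actually listed.
        $file
    }
}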
## DEAL with no timestamp
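# Warn about scripts in the current directory whose signature carries no
# timestamp, then pass every signature object through unchanged.
# A signature without a timestamp stops validating once the signing
# certificate expires, so these files need re-signing with a timestamp server.
# The wildcard is *.ps1: the original ?.ps1 only matches one-character names.
# Unsigned files have no timestamper certificate either, so they are warned
# about as well; check the Status column to tell the two cases apart.
Get-ChildItem *.ps1 | Get-AuthenticodeSignature | ForEach-Object {
    if ($null -eq $_.TimeStamperCertificate) {
        Write-Warning "no time stamp"
    }
    $_
}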