Menu
I've a build script which signs a file with a digital certificate (Microsoft Authenticode). I want to create a test script which checks that the file is successfully signed. It's sufficient with a boolean indicating the existence of any signature on the file.
Can I do that with PowerShell without any extensions? If not, what do I need?
728
Open the file that contains the digital signature you want to view. Click File > Info > View Signatures. In the list, on a signature name, click the down-arrow, and then click Signature Details.
Opening the Script's File Properties Another way to check the script's digital signature is to open the script's file properties in Windows Explorer. To do so: In Windows Explorer, navigate to the PowerShell script's location. In this example, the script is in C:\ATA\myscript.
From a Windows operating system: Right click the file the main executable file (.exe), select Properties > Digital Signatures. Under Signature list, select the Signature, and click Details. You will see information regarding the Code Signing certificate that was used to sign the executable.
Open the properties sheet for the . dll from Windows Explorer. If a tab "Digital Signatures" is shown, it's a signed assembly. If the tab is missing, it's unsigned.
Try the Get-AuthenticodeSignature-cmdlet
(Get-AuthenticodeSignature "C:\windows\explorer.exe").Status -eq 'Valid'
True
(Get-AuthenticodeSignature "D:\notes.txt").Status -eq 'Valid'
False
You could simply call signtool.exe to verify the result.
32
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
