PowerShellscripting~30 mins

Code signing in PowerShell - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Code Signing with PowerShell

📖 Scenario: You are a system administrator who needs to ensure that PowerShell scripts are trusted and have not been tampered with. To do this, you will sign a script file using a code signing certificate.

🎯 Goal: Learn how to create a simple PowerShell script, specify the path to a code signing certificate, sign the script using that certificate, and verify the signature.

📋 What You'll Learn

Create a PowerShell script file with a simple command

Specify the path to a code signing certificate file

Use the Set-AuthenticodeSignature cmdlet to sign the script

Verify the signature using Get-AuthenticodeSignature

Print the signature status

💡 Why This Matters

🌍 Real World

Code signing helps ensure scripts are trusted and not altered, which is important in secure environments.

💼 Career

System administrators and security professionals use code signing to protect scripts and software from tampering.

Progress0 / 4 steps

Create a simple PowerShell script file

Create a file called TestScript.ps1 with the exact content Write-Output "Hello, signed script!".

PowerShell

# Create the file TestScript.ps1 with the specified content
# Your code here

Need a hint?

Use Set-Content to create the file with the exact text inside.

Specify the path to the code signing certificate

Create a variable called $certPath and set it to the string "C:\Certs\MyCodeSigningCert.pfx".

PowerShell

Set-Content -Path TestScript.ps1 -Value 'Write-Output "Hello, signed script!"'
# Create the variable $certPath with the certificate path
# Your code here

Need a hint?

Use double backslashes \\ in the path string.

Sign the script using the certificate

Use Get-PfxCertificate with $certPath to get the certificate and store it in $cert. Then use Set-AuthenticodeSignature with TestScript.ps1 and $cert to sign the script. Store the result in $signature.

PowerShell

Set-Content -Path TestScript.ps1 -Value 'Write-Output "Hello, signed script!"'
$certPath = "C:\Certs\MyCodeSigningCert.pfx"
# Get the certificate and sign the script
# Your code here

Need a hint?

Use Get-PfxCertificate to load the certificate, then Set-AuthenticodeSignature to sign the script.

Verify and print the signature status

Use Get-AuthenticodeSignature on TestScript.ps1 and store the result in $verify. Then print the Status property of $verify using Write-Output.

PowerShell

Set-Content -Path TestScript.ps1 -Value 'Write-Output "Hello, signed script!"'
$certPath = "C:\Certs\MyCodeSigningCert.pfx"
$cert = Get-PfxCertificate -FilePath $certPath
$signature = Set-AuthenticodeSignature -FilePath TestScript.ps1 -Certificate $cert
# Verify the signature and print the status
# Your code here

Need a hint?

The output should be Valid if the script is signed correctly.