VMware Cloud Community
jvm2016
Hot Shot
Hot Shot

digital_certificate and password protection powershell script

Hi Luc,

I am running powershell scripts from following environment.

pastedImage_0.png

and

pastedImage_1.png

i want to do two things to those scripts.

1:password protect the script

2:digitally sign script using self signed certificates .

can you please suggest some easy ways to do above two considering above environment.

Reply
0 Kudos
6 Replies
LucD
Leadership
Leadership

1. I'm not aware of a method to password protect a .ps1 script.
You could look at ACLs to protect your file from being read, but that would mean the user can't execute the script either.
He needs to be able to read the script to run it.

2. To sign a .ps1 script, you will need a codesigning certificate.

You can check if there is one with

Get-ChildItem -Path cert: -CodeSigningCert

When you have a signing certificate, you can do.
The Set-AuthenticodeSignature cmdlet was introduced in PS v3, so normally it should be available to you on that platform.

$cert = Get-ChildItem -CodeSigningCert -Path Cert:\LocalMachine\My\

Set-AuthenticodeSignature -FilePath C:\Scripts\myscript.ps1 -Certificate $cert


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
jvm2016
Hot Shot
Hot Shot

i dont find

Get-ChildItem -Path cert: -CodeSigningCert

Reply
0 Kudos
LucD
Leadership
Leadership

That probably means that you have no codesigning certificate installed.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
jvm2016
Hot Shot
Hot Shot

do i need to work on windows 2012 server then .if you can suggest some alternate solutions for this.

Reply
0 Kudos
LucD
Leadership
Leadership

That has nothing to do with the OS version afaik.
Did you import a codesigning certificate on the platform?

Have a read of the post Signing PowerShell Scripts.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
jvm2016
Hot Shot
Hot Shot

thnaks iam checking this.

Reply
0 Kudos