10.5. Running Scripts on Other Machines
One of the limitations of signing scripts using your own self-signed certification authority certificate is that it is very hard to verify that signature on another machine. Had we been using a VeriSign-issued certificate to sign our scripts, we would have had no problem—the VeriSign root certificate is installed on every Windows machine. To achieve the same, we have to install our certification authority certificate on all machines that have to run our scripts. Here is what happens if we run a signed script on a machine that does not have our certification authority's certificate installed:
PS> .\Get-CertificateFiles.ps1 File C:\PowerShell\certs\Get-CertificateFiles.ps1 cannot be loaded. A certi ficate ...
Get Pro Windows PowerShell now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.