10.4. Signing Scripts

Before we sign a script, let's make sure that we require that running a script requires that it has been signed beforehand. To enforce that, we have to switch our current script execution policy to AllSigned. Only users with administrator privileges can do that on a machine, and on Windows Vista, those users need to run the shell with elevated privileges. So, start a shell session as an administrator, and call the Set-ExecutionPolicy cmdlet:

PS C:\> Set-ExecutionPolicy AllSigned
PS C:\> Get-ExecutionPolicy
AllSigned

Let's now create a simple script that returns all certificate files in the current folder and try to run it. Here is what happens:

PS> Set-Content Get-CertificateFiles.ps1 "dir *.cer" PS> .\Get-CertificateFiles.ps1 ...

Get Pro Windows PowerShell now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.