Before we sign a script, let's make sure that we require that running a script requires that it has been signed beforehand. To enforce that, we have to switch our current script execution policy to AllSigned. Only users with administrator privileges can do that on a machine, and on Windows Vista, those users need to run the shell with elevated privileges. So, start a shell session as an administrator, and call the Set-ExecutionPolicy cmdlet:
PS C:\> Set-ExecutionPolicy AllSigned PS C:\> Get-ExecutionPolicy AllSigned
Let's now create a simple script that returns all certificate files in the current folder and try to run it. Here is what happens:
PS> Set-Content Get-CertificateFiles.ps1 "dir *.cer" PS> .\Get-CertificateFiles.ps1 ...