Powershell‎ > ‎

Signing scripts

Requires makecert.exe. Download and install platform SDK for windows.


Open a command prompt

CD C:\Program Files\Microsoft SDKs\Windows\v7.0\Bin
makecert -n "CN=PowerShell Local Certificate Root" -a sha1 -eku -r -sv root.pvk root.cer -ss Root -sr localMachine


makecert -pe -n "CN=PowerShell User" -ss MY -a sha1 -eku -iv root.pvk -ic root.cer
Get-ChildItem cert:\CurrentUser\My -codesign Set-ExecutionPolicy AllSigned Set-AuthenticodeSignature -Certificate @(Get-ChildItem cert:\CurrentUser\My -codesigning)[0] -FilePath C:\script.ps1

 Add function to profile

add this function to  Microsoft.PowerShell_profile.ps1

function Sign-Script(
    [string]  $file=$(throw '$file is required'))
    $cert = @(gci cert:\currentuser\my -codesigning)[0]
    Set-AuthenticodeSignature $file $cert

Use function to sign a script

Sign-Script .\Microsoft.PowerShell_profile.ps1

get-command sign-script
get-help sign-script