Posted in Windows Powershell | No Comment | 5,324 views | 30/11/2011 20:57
You can’t run unsigned Powershell scripts on servers if execution policy is not set as “Unrestricted”. You need to sign your scripts to run without modifying security policies. If you are a software developer, signing your scripts makes you reliable publisher for users.
By providing assurance that software is produced and signed by a “known publisher”, the practice of code signing can increase customer trust and lead to increased conversions and downloads.
But wait, you can’t sign a Powershell script with a Web certificate. So basically 20$ certificate from AlphaSSL or similar won’t work. For Windows, you need to have Code Signing Certificate. I’ll talk about GlobalSign code signing certificate and code signing process.
If you are a individual developer (like me) you can go with that option. If you purchase individual developer certificate, you’ll get a certificate for your name (like Yusuf Ozturk). Let’s read it from GlobalSign:
Software Vendors and Organizations can digitally sign and timestamp the software they distribute over the Internet, ensuring that the end user knows the software is legitimate and has not been tampered with since being published.
Individual Developers, i.e. those developers not associated with larger organizations, can also buy and use Code Signing certificates. The full name of the developer is attached to the certificate, so customers will see the message “This software has been published by John Doe”.
So what you need to get a code signing certificate?