daily pastebin goal
23%
SHARE
TWEET

Untitled

a guest Dec 11th, 2018 60 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. help about_signing
  2.    
  3. ## sign-script.ps1
  4. ## Sign a powershell script with a Thawte certificate and
  5. ## timestamp the signature
  6. ##
  7. ## usage: ./sign-script.ps1 c:foo.ps1
  8.  
  9. param([string] $file=$(throw “Please specify a script filepath.”))
  10.  
  11. $certFriendlyName = "Thawte Code Signing"
  12. $cert = gci cert:CurrentUserMy -codesigning | where -Filter
  13.   {$_.FriendlyName -eq $certFriendlyName}
  14.  
  15. # https://www.thawte.com/ssl-digital-certificates/technical-  
  16. #   support/code/msauth.html#timestampau
  17. # We thank VeriSign for allowing public use of their timestamping server.
  18. # Add the following to the signcode command line:
  19. # -t http://timestamp.verisign.com/scripts/timstamp.dll
  20. $timeStampURL = "http://timestamp.verisign.com/scripts/timstamp.dll"
  21.  
  22. if($cert) {
  23.     Set-AuthenticodeSignature -filepath $file -cert $cert -IncludeChain All -  
  24.       TimeStampServer $timeStampURL
  25. }
  26. else {
  27.     throw "Did not find certificate with friendly name of `"$certFriendlyName`""
  28. }
  29.    
  30. Windows Registry Editor Version 5.00
  31.  
  32. [HKEY_CURRENT_USERSoftwareClassesMicrosoft.PowerShellScript.1]
  33.  
  34. [HKEY_CURRENT_USERSoftwareClassesMicrosoft.PowerShellScript.1Shell]
  35.  
  36. [HKEY_CURRENT_USERSoftwareClassesMicrosoft.PowerShellScript.1ShellSign]
  37.  
  38. [HKEY_CURRENT_USERSoftwareClassesMicrosoft.PowerShellScript.1ShellSignCommand]
  39. @="C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -command Set-AuthenticodeSignature '%1' @(Get-ChildItem cert:\CurrentUser\My -codesigning)[0]"
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top