-
Notifications
You must be signed in to change notification settings - Fork 8
/
Sign-Module.ps1
18 lines (14 loc) · 1.16 KB
/
Sign-Module.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
# Sign the module
$cert = Get-ChildItem Cert:\CurrentUser\My\ -CodeSigningCert | Where { $_.HasPrivateKey -and ( $_.NotAfter -gt (Get-Date)) }
Get-ChildItem ~/Documents\WindowsPowerShell\Modules\$MyModule -Include *.psd1,*.psm1 -Recurse |
Set-AuthenticodeSignature -Certificate $cert -TimestampServer http://timestamp.digicert.com -Verbose -HashAlgorithm SHA256
# at this stage only .psd1 and psm1 are signed
Get-AuthenticodeSignature ~/Documents\WindowsPowerShell\Modules\$MyModule\*
# Create the catalog file
New-FileCatalog -Path ~/Documents\WindowsPowerShell\Modules\$MyModule -CatalogFilePath ~/Documents\WindowsPowerShell\Modules\$MyModule\MyModule.cat -CatalogVersion 2.0 -Verbose
# Sign the catalog file
Get-ChildItem ~/Documents\WindowsPowerShell\Modules\$MyModule\MyModule.cat -EA 0 |
Set-AuthenticodeSignature -Certificate $cert -TimestampServer http://timestamp.digicert.com -Verbose -HashAlgorithm SHA256
# Test the catalog file
Test-FileCatalog -Path ~/Documents\WindowsPowerShell\Modules\$MyModule -CatalogFilePath ~/Documents\WindowsPowerShell\Modules\$MyModule\MyModule.cat -Detailed
Get-AuthenticodeSignature ~/Documents\WindowsPowerShell\Modules\$MyModule\*