Question
-
Topic
-
Powershell -CodeSigningCert not working
Hi,
A few months back we instituted a policy of only allowing signed PS scripts. I generated a CodeSigningCert request and a cert was created by our internal CA. I created the .cer from the code then imported it. I signed dozens of scripts for use across the org. It has been working well. I had to wipe my machine and cannot get it to work now. See relevant info below. Certmgr sees it as a codesigningcert but not powershell. Any ideas? This is driving me crazy.
PS C:\> Set-AuthenticodeSignature -FilePath C:\Development\Hello_World.ps1 -Certificate $c
Set-AuthenticodeSignature : Cannot sign code. The specified certificate is not suitable for code signing.
At line:1 char:1
+ Set-AuthenticodeSignature -FilePath C:\Development\Hello_World.ps1 -C …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-AuthenticodeSignature], PSArgumentException
+ FullyQualifiedErrorId : Argument,Microsoft.PowerShell.Commands.SetAuthenticodeSignatureCommandPS C:\> $c | Format-list *
PSPath : Microsoft.PowerShell.Security\Certificate::currentuser\my\CA15BEF8A15C6CE31BB8FA5E1201172F05
DD21DD
PSParentPath : Microsoft.PowerShell.Security\Certificate::currentuser\my
PSChildName : CA15BEF8A15C6CE31BB8FA5E1201172F05DD21DD
PSDrive : Cert
PSProvider : Microsoft.PowerShell.Security\Certificate
PSIsContainer : False
EnhancedKeyUsageList : {Code Signing (1.3.6.1.5.5.7.3.3)}