Read certificate info from signed executable?

This topic contains 3 replies, has 2 voices, and was last updated by  Olaf Soyk 3 weeks, 5 days ago.

  • Author
    Posts
  • #75808

    John Straffin
    Participant

    Is there any way in PowerShell (or a CLI tool that I can call from PowerShell) to read the certificate information from a signed executable (or script)? I'm looking for a scripted way to collect publisher information from files for use in AppLocker policies and my Google-foo is only finding articles about signing things or reading certificates from the central store.

  • #75818

    Olaf Soyk
    Participant
    • #75824

      John Straffin
      Participant

      Wow. Just wow.

      I already said that I had searched for the answer, yet you give me a LMGTFY link. Nice.

      I also already found Get-AuthenticodeSignature (which I didn't say above, so, my bad), but it doesn't seem to return much of use. The Get-Help information (including -Online) doesn't say anything about accessing more than the signature thumbprint.

      Your smart-alecky link, however, did show an MSDN blog post that had an example with this:

      $(Get-AuthenticodeSignature myfile.exe).SignerCertificate.Subject

      *This* is what I needed ... looking at the properties of the Certificate object that's returned by Get-AuthenticodeSignature. So, thanks for the info, but your delivery could use some work.

  • #75827

    Olaf Soyk
    Participant

    thanks for the info, but your delivery could use some work.

    I was not supposed to spoil you. I just wanted to push you to the right direction. 😉 😀 ... and it worked out perfectly. Great.

You must be logged in to reply to this topic.