Author Posts

July 25, 2017 at 3:21 pm

Is there any way in PowerShell (or a CLI tool that I can call from PowerShell) to read the certificate information from a signed executable (or script)? I'm looking for a scripted way to collect publisher information from files for use in AppLocker policies and my Google-foo is only finding articles about signing things or reading certificates from the central store.

July 25, 2017 at 3:47 pm

Wow. Just wow.

I already said that I had searched for the answer, yet you give me a LMGTFY link. Nice.

I also already found Get-AuthenticodeSignature (which I didn't say above, so, my bad), but it doesn't seem to return much of use. The Get-Help information (including -Online) doesn't say anything about accessing more than the signature thumbprint.

Your smart-alecky link, however, did show an MSDN blog post that had an example with this:

$(Get-AuthenticodeSignature myfile.exe).SignerCertificate.Subject

*This* is what I needed ... looking at the properties of the Certificate object that's returned by Get-AuthenticodeSignature. So, thanks for the info, but your delivery could use some work.

July 25, 2017 at 3:51 pm

thanks for the info, but your delivery could use some work.

I was not supposed to spoil you. I just wanted to push you to the right direction. 😉 😀 ... and it worked out perfectly. Great.