Read certificate info from signed executable?

Welcome Forums General PowerShell Q&A Read certificate info from signed executable?

This topic contains 3 replies, has 2 voices, and was last updated by

 
Participant
1 year, 9 months ago.

  • Author
    Posts
  • #75808

    Participant
    Topics: 1
    Replies: 1
    Points: 1
    Rank: Member

    Is there any way in PowerShell (or a CLI tool that I can call from PowerShell) to read the certificate information from a signed executable (or script)? I'm looking for a scripted way to collect publisher information from files for use in AppLocker policies and my Google-foo is only finding articles about signing things or reading certificates from the central store.

  • #75818

    Participant
    Topics: 1
    Replies: 1325
    Points: 1,651
    Helping Hand
    Rank: Community Hero
    • #75824

      Participant
      Topics: 1
      Replies: 1
      Points: 1
      Rank: Member

      Wow. Just wow.

      I already said that I had searched for the answer, yet you give me a LMGTFY link. Nice.

      I also already found Get-AuthenticodeSignature (which I didn't say above, so, my bad), but it doesn't seem to return much of use. The Get-Help information (including -Online) doesn't say anything about accessing more than the signature thumbprint.

      Your smart-alecky link, however, did show an MSDN blog post that had an example with this:

      $(Get-AuthenticodeSignature myfile.exe).SignerCertificate.Subject

      *This* is what I needed ... looking at the properties of the Certificate object that's returned by Get-AuthenticodeSignature. So, thanks for the info, but your delivery could use some work.

  • #75827

    Participant
    Topics: 1
    Replies: 1325
    Points: 1,651
    Helping Hand
    Rank: Community Hero

    thanks for the info, but your delivery could use some work.

    I was not supposed to spoil you. I just wanted to push you to the right direction. 😉 😀 ... and it worked out perfectly. Great.

The topic ‘Read certificate info from signed executable?’ is closed to new replies.

denizli escort samsun escort muğla escort ataşehir escort kuşadası escort