Signature Block not visible in Signed scripts anymore

This topic contains 6 replies, has 2 voices, and was last updated by Profile photo of SavindraSingh Shahoo SavindraSingh Shahoo 1 month, 1 week ago.

  • Author
    Posts
  • #56198

    Hello Experts,

    I have observed that on my Windows 10 machine with PowerShell v5.0, I don't see a signature block at the end of the file, as it uses to show earlier in a signed script.
    I don't know why I can't see it anymore, is that due to OS version PS version or combination of both.
    Earlier, a digitally signed script use to show a Signature block as shown in below example:












    How can we bring that functionality back to make this visible in signed scripts?

  • #56201
    Profile photo of Don Jones
    Don Jones
    Keymaster

    I'm familiar with what the signatures look like, so although your code didn't appear here, it's fine.

    There was no change in functionality regarding signed scripts. Are you certain that the script is actually signed?

    For example, look at one of the .format.ps1xml files located under the PowerShell installation folder (/system32/windowspowershell/v1.0). You should see the signature block at the end of those. Do you?

    • #56204

      Thank you for that note.. 🙂 I was actually struggling with how to make that signature block visible here.

      Yes.. That script is digitally signed for sure. Because I can verify the signature validity using Get-AuthenticodeSignature command. It shows valid. and the script I am looking at is a PowerShell view definition file located at "C:\Windows\System32\WindowsPowerShell\v1.0\types.ps1xml"

      It shows the signature block on a Windows Server 2012 VM I have with PowerShell v.4.0.

      But not on my Windows 10 machine with PS 5.

  • #56210
    Profile photo of Don Jones
    Don Jones
    Keymaster

    So copying the exact same file from one machine to another, makes the block not show up (in Notepad, even) on the Win10 machine?

    • #56215

      I don't need to copy that file as it is available on every computer which has PowerShell installed on it. You can check any other signed script file for that matter, even on your machine at "C:\Windows\System32\WindowsPowerShell\v1.0\" this folder.

      Any signed script file will surely result in below output. But it does not show the signature block when you open it in Notepad:

      PS C:\Windows\System32\WindowsPowerShell\v1.0> Get-AuthenticodeSignature -FilePath .\types.ps1xml
      
      
          Directory: C:\Windows\System32\WindowsPowerShell\v1.0
      
      
      SignerCertificate                         Status                                                          Path                                                           
      -----------------                         ------                                                          ----                                                           
      108E2BA23632620C427C570B6D9DB51AC31387FE  Valid                                                           types.ps1xml                                                   
      
      
      
      
  • #56272

    Anyone have any clue about the reason behind this behavior? Why Script block is visible on some computers and not available on certain machines. I suspect it has something to do with the latest update or latest OS version of Windows.

    Just wanted to find out the root cause behind this.

  • #56689

    Hello Experts,

    I have tested this on few other computers in the meantime. This behavior is random across various machines where I have tested. On some machines, it shows the signature block at the end of the file and on some other machines, it doesn't.

    Can someone please check on their own machines if they can see the signature block in the built-in PowerShell script files found under "C:\Windows\System32\WindowsPowerShell\v1.0" folder?

    Thank you for any inputs.

You must be logged in to reply to this topic.