Welcome › Forums › General PowerShell Q&A › Signing Scripts
There is most likely a facet of script signing that I do not understand, but I am having an issue with signing a basic PS script for testing.
I have a valid MS enterprise Code Signing cert located in the Trusted Publishers Folder that expires in Oct of 2020. (I have obfuscated certain elements).
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX CN=Brian Clanton, OU=XXX, DC=XXXXX, DC=local
I have attempted to sign my script, referencing it via thumbprint and it indicates that the script is not suitable.
Set-AuthenticodeSignature C:\Utility\TPScript\BCLoginTest.ps1 @(Get-ChildItem Cert:\CurrentUser\TrustedPublisher\XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Set-AuthenticodeSignature : Cannot sign code. The specified certificate is not suitable for code signing.
At line:1 char:1
+ Set-AuthenticodeSignature C:\Utility\TPScript\BCLoginTest.ps1 @(Get-C ...
+ CategoryInfo : InvalidArgument: (:) [Set-AuthenticodeSignature], PSArgumentException
+ FullyQualifiedErrorId : Argument,Microsoft.PowerShell.Commands.SetAuthenticodeSignatureCommand
Most of the examples I see is for Self Signed Certs where they are referencing the Personal Cert folder, so I think I may be missing a step in the preparation of the Cert?
Does anyone see my error?
See if this discussion helps.