Author Posts

May 15, 2018 at 2:24 pm

Hi all,

I'm relatively new to Powershell scripting from scratch and have the following issue (Please excuse any code formatting faux pas!).

I have a script that reads each file in a folder and subsequently creates an OpenSSL signature file for every one. This works a treat if the folder only contains files at the root. The working code looks as follows;

$path = "C:\SCANNED"
$PriKey ="C:\OpenSSL\PK Store\private.pem"

cd $path

ForEach ($file in Get-ChildItem $path)

C:\openssl\openssl.exe dgst -sha256 -sign $PriKey -out $path"\"$file".sha256" -passin pass: $path"\"$file

The output of this is the original files plus new signature files for each one.

The issue is that I am unable to get it to read through any sub-folders and create the relevant signature files within the same sub-folders (or at all for that matter). I've tried various different Get-ChildItems -Recurse -Files parameters, etc but nothing seems to work.

I'm sure this has a relatively simple(ish) solution to someone more experienced than myself with this. Any help would be gladly appreciated.


May 15, 2018 at 2:43 pm

What if you have a third variable of

$files  = get-childitem $path -recurse -force

and then do this

ForEach ($file in $files)

C:\openssl\openssl.exe dgst -sha256 -sign $PriKey -out $path"\"$file".sha256" -passin pass: $path"\"$file

May 15, 2018 at 3:07 pm

Hi Jon,

Thank you for the reply. This works great for just files again, but the same issue when I add a sub-folder;

C:\openssl\openssl.exe : C:\SCANNED\SUBFOLDER-1: Permission denied


May 15, 2018 at 3:21 pm

If I use the -file parameter as below, I get the script to read the contents of the folder.

$files = get-childitem $path -recurse -file -force

However, as the openssl command uses the $path variable to point to the root, it tries to read that when generating the signature files for the files in the sub-directory, which don't exist in the root.

The error message I now get is

C:\openssl\openssl.exe : C:\SCANNED\callPS2EXE.bat: No such file or directory (Because this file exists in the subdirectory).

A little progress made with the use of the -file parameter. Looking at the code, are you able to figure out how to get it to process the files in the sub-folder so that the signature files are also created in said sub-folder?

I hope this makes sense! 🙂


May 15, 2018 at 3:47 pm

Move them all to the root? 🙂

Try this

$files  = get-childitem $path -recurse -file -force | select name, directory
$files | % {C:\openssl\openssl.exe dgst -sha256 -sign $PriKey -out $"\"$.name".sha256" -passin pass: $"\"$}

I make no promises on that one, I have zero experience with openssl!

May 15, 2018 at 8:28 pm

No, that's a lot more file I/O than you need be incurring.

IMO, the best thing to do would be a variant of this...

$AllFiles = Get-ChildItem -Path $Path -Recurse -File -Force
foreach ($File in $AllFiles) {
    Start-Process -NoNewWindow -Wait -FilePath "C:\OpenSSL\OpenSSL.exe" -ArgumentList @(
        '-sign $PriKey'
        "-Out $($_.FullName + '.sha256')"
        "-Passin pass: $($_.Fullname)"

May 17, 2018 at 10:11 am

Hi Joel,

Thank you for the reply. Confusingly this worked the first time I ran it yesterday, but only for the files within the subfolder and not for the files in the root. It failed to run any further since that one time and I'm totally lost as to why.

Ont thing to note, the $Prikey variable doesn't have the right colour when using this format (Red $, etc) and is instead all just brown. It's as though it's not being seen as a variable. I have played with the various types of quotes " and ' to see if this made any difference but it doesn't.

The script as-is, doesn't flag any errors and only creates a .sha file (literally called that) on the root. It's as though it's trying to read through the list but is unable to process the OpenSSL command in the breakdown you kindly provided. I know it's able to read the folder and sub-folder structure, as the $AllFiles variable returns the root and subfolder, along with its contents.

Any ideas? Thanks for your help.


May 17, 2018 at 5:27 pm


So this had a relatively simple solution which I got thanks to you both, so thank you.

The solution was to use the following;

$ScannedLocation = "C:\SCANNED"
$AllFiles = Get-ChildItem -Path $ScannedLocation -Recurse -File -Force

foreach ($File in $AllFiles) {
&C:\OpenSSL\OpenSSL.exe dgst -sha256 -sign $PriKey -out $($file.FullName + '.sha256') -passin pass: $($file.Fullname)

The above now reads through each folder and creates the required signature files within each sub-folder of the root.

Thanks again to you both.