Digitally Signing PowerShell Scripts

by Oct 25, 2011

In a previous tip, we illustrated how you access a code signing certificate that was installed on your computer. With such a certificate, you can sign one or all PowerShell scripts in a folder. Here is how you sign all PowerShell scripts in folder c:\scripts with the first available code signing certificate from your certificate store:

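$cert = Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert | Select-Object -First 1  # first code signing certificate in your personal store

if ($cert) {
  Get-ChildItem c:\scripts -Filter *.ps1 -Recurse -ErrorAction SilentlyContinue |  # all scripts, including subfolders
    Set-AuthenticodeSignature -Certificate $cert
} else {
  Write-Warning 'You do not have a digital certificate for code signing.'
}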

Note that there are two situations in which Set-AuthenticodeSignature cannot sign a script: when the script is smaller than 5 bytes, and when the script was saved with "Unicode Big Endian" encoding, which occurs when you save a script with the PowerShell ISE editor.
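The following added example (not part of the original tip) checks each script for the two conditions described above before signing it, and reports the resulting signature status. Get-UnsignableReason is a hypothetical helper name, the 5-byte limit is taken from the tip, and the sample files are constructed in a temporary folder.

```powershell
# Added example: pre-check scripts for the two conditions named above, then sign.
# Get-UnsignableReason is a hypothetical helper; the 5-byte limit comes from the tip.
function Get-UnsignableReason {
    param([Parameter(Mandatory)][string]$Path)
    $bytes = [System.IO.File]::ReadAllBytes($Path)
    if ($bytes.Length -lt 5) { return 'smaller than 5 bytes' }
    # "Unicode Big Endian" (UTF-16 BE) files start with the byte order mark FE FF
    if ($bytes[0] -eq 0xFE -and $bytes[1] -eq 0xFF) { return 'Unicode Big Endian encoding' }
    return $null
}

# Constructed sample input: one tiny file, one big endian file, one signable file
$dir = Join-Path ([System.IO.Path]::GetTempPath()) 'signing-demo'
New-Item -ItemType Directory -Path $dir -Force | Out-Null
[System.IO.File]::WriteAllText("$dir\tiny.ps1", '1')
[System.IO.File]::WriteAllText("$dir\bigendian.ps1", "'hello'", [System.Text.Encoding]::BigEndianUnicode)
[System.IO.File]::WriteAllText("$dir\ok.ps1", "'hello'", [System.Text.Encoding]::UTF8)

$cert = Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert | Select-Object -First 1

foreach ($file in Get-ChildItem $dir -Filter *.ps1) {
    $reason = Get-UnsignableReason -Path $file.FullName
    if ($reason) {
        Write-Warning "$($file.Name): skipped ($reason)"
    } elseif (-not $cert) {
        Write-Warning "$($file.Name): signable, but no code signing certificate found"
    } else {
        # Status tells you whether the signature was actually applied and validates
        $sig = Set-AuthenticodeSignature -FilePath $file.FullName -Certificate $cert
        '{0}: {1}' -f $file.Name, $sig.Status
    }
}
```

A script skipped because of its encoding can be re-saved in another encoding, such as UTF-8, and then signed.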
