You probably know that Set-AuthenticodeSignature can be used to digitally sign PowerShell scripts. But did you know that this cmdlet can sign anything that
This piece of code would load a digital certificate from a PFX file, then scan your home folders for VBScript files, and apply a digital signature to the scripts:
# change path to point to your PFX file: $pfxpath = 'C:\Users\Tobias\Documents\PowerShell\testcert.pfx' # change password to the password needed to read the PFX file: # (this password was set when you exported the certificate to a PFX file) $password = 'topsecret' # load certificate Add-Type -AssemblyName System.Security $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $cert.Import($pfxpath, $password, 'Exportable') # apply signature to all VBScript files # REMOVE -WHATIF TO ACTUALLY SIGN Get-ChildItem -Path $home -Filter *.vbs -Recurse -ErrorAction SilentlyContinue | Set-AuthenticodeSignature -Certificate $cert -WhatIf
