8.15.2012
8.14.2012
Signing
On a mission:
Find a straightforward method of signing ps scripts and implementing across enterprise desktops
What I've found so far are only examples of "self-signing" scripts. I think what _I need_ is :
-a valid cert
-to authenticate with cert
-then accept cert (somehow...use .reg?) onto user desktop
Research:
-Google: http://bit.ly/mtbeeITProf_Script_GSearch_signing_powershell_scripts
Promising:
http://www.hanselman.com/blog/SigningPowerShellScripts.aspx
Requirements:
-Admin privilege
-.NET Framework 2.0 SDK
- Try: 3.5 Service Pack 1! ...but, you need role based install ~ security (harumph!)
Note: Regarding error below - maybe due to them not running as
comspec/makecert as ADMIN
-our admin are using a GPO to push the cert to desktops that require - only other
gotcha encountered was that scripts created from the powershell ISE come out
'big endian' and generate 'unknownerror' when signing. Resave as ANSI and that
problem goes away.
Caveat emptor: ...at very bottom of article.
Thursday, August 10, 2006 10:42:27 PM UTCWhen running the "makecert" to add to the personal store teh following error occurs. Generally I don't set up my certs this way but wanted to use your blog as a reference for others. This seems to be a problem many are having on XPSP2 machines. I don't know if i happens on WS2000/3003.
Error: Can't load the issuer certificate ('root')
Failed
Find a straightforward method of signing ps scripts and implementing across enterprise desktops
What I've found so far are only examples of "self-signing" scripts. I think what _I need_ is :
-a valid cert
-to authenticate with cert
-then accept cert (somehow...use .reg?) onto user desktop
Research:
-Google: http://bit.ly/mtbeeITProf_Script_GSearch_signing_powershell_scripts
Promising:
http://www.hanselman.com/blog/SigningPowerShellScripts.aspx
Requirements:
-Admin privilege
-.
- Try: 3.5 Service Pack 1! ...but, you need role based install ~ security (harumph!)
Note: Regarding error below - maybe due to them not running as
comspec/makecert as ADMIN
-our admin are using a GPO to push the cert to desktops that require - only other
gotcha encountered was that scripts created from the powershell ISE come out
'big endian' and generate 'unknownerror' when signing. Resave as ANSI and that
problem goes away.
Caveat emptor: ...at very bottom of article.
Thursday, August 10, 2006 10:42:27 PM UTCWhen running the "makecert" to add to the personal store teh following error occurs. Generally I don't set up my certs this way but wanted to use your blog as a reference for others. This seems to be a problem many are having on XPSP2 machines. I don't know if i happens on WS2000/3003.
Error: Can't load the issuer certificate ('root')
Failed
Subscribe to:
Posts (Atom)