Question:
I’m getting an error when I run a PowerShell script:
File test_new.ps1 cannot be loaded. The file test_new.ps1 is not digitally signed.
I created a CA and a certificate and signed this file using the procedure described here.
Here is the output when I do a `dir` on the `MY` directory:

```
EF76B3D7D8D2406E1F2EE60CC40644B122267F18  CN=PowerShell User
```
I can see the signature block appended at the end of the `test_new.ps1` file.
Here is the execution policy and scope:
```
        Scope ExecutionPolicy
        ----- ---------------
MachinePolicy       AllSigned
   UserPolicy       Undefined
      Process          Bypass
  CurrentUser       AllSigned
 LocalMachine       Undefined
```
The MachinePolicy should take priority, which is set as `AllSigned`. Everything seems all right, so why am I still getting the digitally signed error?
Answer:
Finally found a solution to this:
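```powershell
# The code-signing certificate created earlier (assumes it is the only one in this store)
$cert = Get-ChildItem cert:\CurrentUser\MY
# Open the machine-wide TrustedPublisher store for writing (needs an elevated session)
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store ("TrustedPublisher", "LocalMachine")
$store.Open("ReadWrite")
$store.Add($cert)
$store.Close()
```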
It had to be published in the `TrustedPublisher` store for it to work.
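
A read-only check for the situation described in this thread, added here as an example and not part of the original question or answer: it reports the Authenticode status of a script and whether its signer and chain root are present in the `TrustedPublisher` and `Root` stores. The default `$Path` is the file name from the question; the output wording is this example's own.

```powershell
# Added example: diagnose trust for a signed script without changing any store.
param([string]$Path = '.\test_new.ps1')

$sig = Get-AuthenticodeSignature -FilePath $Path
Write-Output ("Signature status : {0}" -f $sig.Status)
Write-Output ("Status message   : {0}" -f $sig.StatusMessage)

$signer = $sig.SignerCertificate
if ($null -eq $signer) {
    Write-Output 'No signer certificate found in the file.'
    return
}
Write-Output ("Signer           : {0} ({1})" -f $signer.Subject, $signer.Thumbprint)

# Build the chain to find the root; Build() returns $false when the chain is not trusted.
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chainOk = $chain.Build($signer)
$root = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate
Write-Output ("Chain trusted    : {0} (root: {1})" -f $chainOk, $root.Subject)

# Look for the signer and the root in both store locations.
$publisherTrusted = $false
$rootTrusted = $false
foreach ($location in 'CurrentUser', 'LocalMachine') {
    $inPublisher = Test-Path -Path "Cert:\$location\TrustedPublisher\$($signer.Thumbprint)"
    $inRoot = Test-Path -Path "Cert:\$location\Root\$($root.Thumbprint)"
    Write-Output ("{0,-12} TrustedPublisher={1}  Root={2}" -f $location, $inPublisher, $inRoot)
    $publisherTrusted = $publisherTrusted -or $inPublisher
    $rootTrusted = $rootTrusted -or $inRoot
}

if (-not $rootTrusted) {
    Write-Output 'The chain root is not in a Root store, so the signature cannot validate.'
}
if (-not $publisherTrusted) {
    Write-Output 'The signer is not in a TrustedPublisher store, which is the gap the answer above closes.'
}
if ($sig.Status -eq 'HashMismatch') {
    Write-Output 'The file changed after signing; sign it again.'
}
```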