PowerShell_sign_code_and_upload_in_the_PowerShell galleryPowerShell_sign_code_and_upload_in_the_PowerShell galleryLast friday at the PowerShell Usergroup Hannover I briefly talked about CodeSigning for PowerShell modules for upload to the PowerShell Gallery. Well, the interest of my colleagues was bigger than expected and also some questions remained unanswered. Here also some things have changed. Fact is, most modules in the Gallery are unsigned. In the end, the question always arises, why sign at all, when the PowerShell execution policy can be so easily overridden?For example it is possible to execute arbitrary code with
Powershell.exe -ExecutionPolicy Bypass -File <PathToPowershellSkript.ps1>.
I have been using code signing certificates for my community PowerShell scripts for several years. This is especially well received by our customers. Our work is digitally signed with it. Furthermore the inhibitions are a little bit bigger to change scripts later because the signature block always has to be changed.
