We at d-fens all have a SuisseID, which can be used for different purposes like authentication and electronical signing purposes. It’s as well possible to sign code with the SuisseID. The advantages of using the SuisseID for code signing are that the SuisseID is a very cheap in comparison to other code signing certificates and that the user gets authenticated personally. The following section describes the necessary step to sign a PowerShell script on Windows by using your SuisseID.
To sign code with your SuisseId using PowerShell your SuisseId has to be installed on your computer and as well has to be connected with your computer.
- Open the Microsoft Management Console (
Ctrl + m
- On pop up select
My User Account
- Open the certificates tree and navigate to
- Select the SuisseId
Qualified Signaturecertificate (Issued by
SwissSign Qualified Platinum CA 2010 - G2)
- Right click -> Properties
Generaltab select the radio button
Enable only the following purposes
- Open a new PowerShell session (Run as administrator)
- Get your code signing certificate by executing the following command
$cert = Get-ChildItem cert:\CurrentUser\my -CodeSigningCert
- Sign PowerShell script file by executing the following command
Set-AuthenticodeSignature -FilePath C:\PathToTheFile\SomeFile.ps1 -Certificate $cert
does you SuisseID work with Windows 10 to sign PowerShell Scripts?
Mine doesn’t work.
I could not yet try to reproduce the problem, as I have Windows 7 on my machine. What exactly does not work and what error message do you get?
Important: Steps 1 to 9 have to be executed every time the SuisseID gets connected with the computer.
I just upgraded to Windows 10 and could successfully sign a PowerShell script using the step by step guide from the blog post above.