We at d-fens all have a SuisseID, which can be used for different purposes such as authentication and electronic signing. It is also possible to sign code with the SuisseID. The advantages of using the SuisseID for code signing are that it is very cheap in comparison to other code signing certificates and that the user gets authenticated personally. The following section describes the steps necessary to sign a PowerShell script on Windows using your SuisseID.
To sign code with your SuisseID using PowerShell, the SuisseID has to be installed on your computer and also has to be connected to it.
- Open the Microsoft Management Console (mmc.exe)
- Press Ctrl + m
- Add Certificates to the Selected snap-ins
- On pop up select My User Account
- Open the certificates tree and navigate to Personal\Certificates
- Select the SuisseID Qualified Signature certificate (Issued by SwissSign Qualified Platinum CA 2010 - G2)
- Right click -> Properties
- In General tab select the radio button Enable only the following purposes
- Apply
- Open a new PowerShell session (Run as administrator)
- Get your code signing certificate by executing the following command
  $cert = Get-ChildItem cert:\CurrentUser\my -CodeSigningCert
- Sign PowerShell script file by executing the following command
  Set-AuthenticodeSignature -FilePath C:\PathToTheFile\SomeFile.ps1 -Certificate $cert
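The last two steps with checks added, as an added example that is not code from the original post: it stops when zero or several matching certificates are found (for instance when the SuisseID is not connected) and re-reads the signature from disk after signing. The function name `Invoke-SuisseIdSign` and its parameters are assumptions made for this example.

```powershell
# Added example; the function name and parameters are hypothetical.
function Invoke-SuisseIdSign {
    param(
        [Parameter(Mandatory = $true)] [string] $FilePath,
        # Issuer name as shown in the Certificates snap-in (taken from the steps above)
        [string] $IssuerPattern = '*SwissSign Qualified Platinum CA 2010 - G2*',
        # Optional timestamp server URL; empty means the signature is not timestamped
        [string] $TimestampServer = ''
    )

    $now = Get-Date
    # -CodeSigningCert returns only certificates usable for code signing, so an empty
    # result usually means the purpose is not enabled or the SuisseID is not connected.
    $candidates = @(Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert | Where-Object {
        $_.Issuer -like $IssuerPattern -and $_.HasPrivateKey -and
        $_.NotBefore -le $now -and $_.NotAfter -gt $now
    })

    if ($candidates.Count -eq 0) {
        throw "No valid code signing certificate matching '$IssuerPattern' in Cert:\CurrentUser\My."
    }
    if ($candidates.Count -gt 1) {
        $thumbs = ($candidates | ForEach-Object { $_.Thumbprint }) -join ', '
        throw "Several matching certificates found, select one explicitly: $thumbs"
    }
    $cert = $candidates[0]

    $signArgs = @{ FilePath = $FilePath; Certificate = $cert }
    if ($TimestampServer) { $signArgs.TimestampServer = $TimestampServer }
    $null = Set-AuthenticodeSignature @signArgs

    # Verify what was actually written to the file instead of trusting the signing call.
    $sig = Get-AuthenticodeSignature -FilePath $FilePath
    if ($sig.Status -ne 'Valid') {
        throw "Signature status is '$($sig.Status)': $($sig.StatusMessage)"
    }
    if ($sig.SignerCertificate.Thumbprint -ne $cert.Thumbprint) {
        throw "File was signed by an unexpected certificate: $($sig.SignerCertificate.Thumbprint)"
    }
    $sig   # return the verified signature object
}

Invoke-SuisseIdSign -FilePath 'C:\PathToTheFile\SomeFile.ps1'
```

A status other than `Valid` (for example `NotTrusted` or `HashMismatch`) means the script would not pass an `AllSigned` execution policy check on this machine.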
Hi,
does your SuisseID work with Windows 10 to sign PowerShell Scripts?
Mine doesn’t work.
Hi
I could not yet try to reproduce the problem, as I have Windows 7 on my machine. What exactly does not work and what error message do you get?
Important: Steps 1 to 9 have to be executed every time the SuisseID gets connected with the computer.
Hi Manuel
I just upgraded to Windows 10 and could successfully sign a PowerShell script using the step by step guide from the blog post above.