How to sign Powershell Scripts | Complete Tutorial
Тәжірибелік нұсқаулар және стиль
How to sign Powershell Scripts Complete Tutorial
🎥 On this videos will we have a look How to sign Powershell Scripts Complete Tutorial. This is a Complete Tutorial on how to add a layer of security to your .ps1 scripts when deploying them in a production environment.
This will make your scripts more secure and will benefit your organisation and save you future headaches.
-----------------------------------------------------------------------------
Chapters: 👉
0:00 How to sign Powershell Scripts | Complete Tutorial
1:15 Creating a certificate
2:05 Command creating certificate
4:37 Finding and trusting the certificate
5:49 Installing the certificate
7:54 Signing our script with the certificate
----------------------------------------------------------------------------- ✨
For the documentation of the cmdlet New-SelfSignedCertificate from Microsoft click here:
Link for -TextExtension codes, check at the bottom of the page.
Microsoft Documentation:
docs.microsoft.com/en-us/powe...
-----------------------------------------------------------✨
Thank you for watching the video, if you were able to complete the tutorial successful let me know in the comments below, you should now have an understanding on how to sign Powershell Scripts and launch them into your environment.
If you liked this video make sure to click the like button, I really appreciated it the support.
If you have any suggestions for future content please comment down below, I would love to hear your thoughts.
------------------------------------------------------------------------------------------------------✨
Пікірлер: 31
Bro you are a legend for this!!! Really helpful. Thanks!
Excellent tutorial, best tutorial out here, some trial and error but got there in the end
Thank You Very Much ! Perfect explained for a beginner like me :)
u safed my day today man, thank you
@cybersamurai99
Ай бұрын
You welcome mate, you might like the video I made on encrypting data using certificate and powershell too, have a good one
Finally, a helpful tutorial. Thanks very much Network Ninja. Took a bit of trial and error, but I got it to work thanks to you :D
@cybersamurai99
2 жыл бұрын
You are welcome Tripal. I will be uploading new videos soon, I have been moving houses, but I will be dropping more videos on IT, Security, and crypto soon :)
@TripalYT
2 жыл бұрын
@@cybersamurai99 Thanks again, I have one more question, when signing the file with the certificate it doesn't apply a signing time, how can I add this?
@cybersamurai99
Жыл бұрын
@@TripalYT You can right click and check the properties>Digital Signatures. If its not there I believe it needs to be signed with a certificate trusted by a CA. I will make time to upload an update version of the tutorial and Ill cover that.
thanks a lot man
Thanks Blake
Thanks bro!
@cybersamurai99
3 жыл бұрын
you are welcome :)
Thanks
@cybersamurai99
3 жыл бұрын
no problem
Thanks for the video. Great stuff!! If someone modifies the signed script, it still runs, right? If so, then what's the actual value of signing? Just trying to understand it a little more before i start implementing it.
@cybersamurai99
Жыл бұрын
Simple answer is NO! - If the signed script is modified just a little bit the whole hash would turn out to be different. At the moment of signing, the certificate takes all the contents of your script and turns it into a HASH VALUE (according to the settings you specified when creating the certificate). A signature block is then created and added to your script. Now when you run the script with the signature, the computer will then take the HASH VALUE and check if it matches with your signature, if it does it runs, if it does not it will not run. So if you change the script even my adding a sigle "." the hash would turn out to be different and the script would not run anymore.
Great Thanks. Please use a bigger font.
@cybersamurai99
6 ай бұрын
Thanks I'll use on the next videos
where do you get the -textextion "value"?
@cybersamurai99
3 жыл бұрын
Its on docs.microsoft search for New-SelfSignedCertificate and check at the bottom of the page. I have also place a link into the video description.
Can you sign a Python script or executable with this PowerShell method?
@cybersamurai99
2 жыл бұрын
I have not yet tested it but I think it would work. Have you tried it?
I followed these instructions but the certificate was not created in the Trusted Root Certification Authorities Store. How do I remove the cert that was created and how make another one in the right location? I think in your setup (at the start of the video) there were some steps omitted (you stated that the directory was were your certs were stored...) I am total novice in these matters...
@cybersamurai99
Жыл бұрын
Its a total of two steps, you first create the Cert, then you need to install on the Trusted Root Certificate Store, either for the User or for the Machine. Following the video you will create a certificate on this location as shown on 4:40 C:\Users\Your_User_Account\AppData\Roaming\Microsoft\SystemCertificates\My You can remove the certificate that was created on this location by simply deleting it. Then you need to install the certificate as shown from 6:00, when looking for the certificate make sure to select (* All files) or the thumbprint for the certificate will not show. Hope that helps.
I follow the guide but the certificate key has no password. How to add a password to it without creating a new one?
If I want to remove the certificate, what should I do?
@cybersamurai99
2 жыл бұрын
You should be able to remove the certificates from the AppData\Roaming\Microsoft\SystemCertificates folder You can also try removing them by navigating to the Cert:/ driver and using the option rm "certificate_thumbprint"
@riccardobussano1828
2 жыл бұрын
@@cybersamurai99 Thank you
thanks for your share! It works really well. Very useful
@cybersamurai99
2 жыл бұрын
you are welcome