Page History
Table of Contents |
---|
Introduction
SOS digitally signs PowerShell scripts that are offered for download:. The signature is included inside the script, usually from from a number of comments that follow the script code.
- Users can verify a script's signature to prove
- that the script in fact was created and signed by SOS,
- that the script's signature is valid.
- Use the built-in
Get-AuthenticodeSignature
PowerShell cmdlet for Windows to verify the signature of a given PowerShell script, for exampleNew-JS7WorkflowFromExcel.ps1
available for download from the JS7 - How to import jobs and workflows from Excel article.- At the time of writing the
Get-AuthenticodeSignature
cmdlet is not available for Unix. - For PowerShell cmdlets offered by the JS7 - Download page users can apply instructions offered by the JS7 - Verifying releases article for Unix and Windows platforms.
- At the time of writing the
Verifying Signatures
Find the following example how to verify a PowerShell script's signature:
Code Block | ||
---|---|---|
| ||
Get-AuthenticodeSignature C:\download\New-JS7WorkflowFromExcel.ps1 | Format-List SignerCertificate : [Subject] CN=SOS Software- und Organisations-Service GmbH, O=SOS Software- und Organisations-Service GmbH, S=Berlin, C=DE, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=DE, SERIALNUMBER=HRB 21015 [Issuer] CN=Sectigo Public Code Signing CA EV R36, O=Sectigo Limited, C=GB [Serial Number] 4B0F8D82F0B376B297B6EADA4EA6D4EC [Not Before] 30.05.2023 02:00:00 [Not After] 30.05.2026 01:59:59 [Thumbprint] 2B03EA68F103E80D83228ABCF88A3B448CC8B257 TimeStamperCertificate : [Subject] CN="Sectigo RSA Time Stamping Signer #4", O=Sectigo Limited, S=Manchester, C=GB [Issuer] CN=Sectigo RSA Time Stamping CA, O=Sectigo Limited, L=Salford, S=Greater Manchester, C=GB [Serial Number] 394C25E17CA06D27A865E23BD91D22D4 [Not Before] 03.05.2023 02:00:00 [Not After] 03.08.2034 01:59:59 [Thumbprint] AE62AF750A0CBD47D6461F7568E2BC8CE7CA4F94 Status : Valid StatusMessage : Signature verified. Path : C:\download\New-JS7WorkflowFromExcel.ps1 SignatureType : Authenticode IsOSBinary : False |
...
- Code Signing Certificate: https://download.sos-berlin.com/certs/release-signing-ev/SOSReleaseSigningEV.crt
- First Intermediate CA Certificate: https://download.sos-berlin.com/certs/release-signing-ev/SectigoPublicCodeSigningCAEVR36.crt
- Second Intermediate CA Certificate: https://download.sos-berlin.com/certs/release-signing-ev/SectigoPublicCodeSigningRootR46_AAA.crt
- Root CA Certificate: https://download.sos-berlin.com/certs/release-signing-ev/AAACertificateServices.crt
Further Resources
Overview
Content Tools