so with
$filestosign = (dir -recurse-include *.ps1)
Set-AuthenticodeSignature $filestosign $signingcert
i can sign all my ps1 files in a folder. But is there a quick way to undo this again?
views:
67answers:
2
A:
I suspect this isn't the answer you were hoping for, but I'm pretty sure there isn't a "Remove-AuthenicodeSignauture" cmdlet that is going to help out.
Signing, as I'm sure you know, involves adding a commented section to the script. Removing this commented section should remove the signing. However, that's something you'll need to write yourself.
Martin Peck
2009-12-18 13:36:05
+1
A:
I played a bit around and came to this solution: The signature is appended at the end of a file. I search for the string "SIG # Begin signature block" to know the Linenumbers i don't need any more, display the rest and write this back:
function remove-signature ($signedFile = "D:\ps10\test.ps1")
{
$filecontent = Get-Content $signedFile
$filecontent[0..(((Get-Content $signedFile | select-string "SIG # Begin signature block").LineNumber)-2)] | Set-Content $signedFile
}
Think this should work. My first thought was to find a way to select the area between the two strings: "SIG # Begin" and "SIG # End" . Just for learning purpose i would be interrested how i could have done that.
icnivad
2009-12-19 19:34:07