0
我從我們的可信CA獲得了代碼簽名證書。我試圖在PowerShell ISE中籤署一個腳本,但得到「UnknownError」。我曾嘗試將腳本編碼爲UTF-8,但我仍然收到相同的錯誤。我已經驗證腳本是UTF-8。通過Set-AuthenticodeSignature對powershell腳本進行簽名時出現UnknownError
$cert=(dir cert:currentuser\my\ -CodeSigningCert)
Set-AuthenticodeSignature C:\Scripts\Certtestnew.ps1 $cert
即使我得到「UnknownError」,它仍然似乎簽署腳本。雖然,當我運行腳本時,我收到「文件C:\ Scripts \ Certtestnew.ps1的內容可能已被篡改,因爲 文件的散列與存儲在數字簽名中的散列不匹配。」
UPDATE $證書信息:
PSPath : Microsoft.PowerShell.Security\Certificate::currentuser\my\FDCD31216C3491C2809441344EE6EF5E01EB0550
PSParentPath : Microsoft.PowerShell.Security\Certificate::currentuser\my
PSChildName : FDCD31216C3491C2809441344EE6EF5E01EB0550
PSDrive : Cert
PSProvider : Microsoft.PowerShell.Security\Certificate
PSIsContainer : False
EnhancedKeyUsageList : {}
DnsNameList : {}
SendAsTrustedIssuer : False
Archived : False
Extensions : {System.Security.Cryptography.Oid,System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid...;}
FriendlyName :
IssuerName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
NotAfter : 10/29/2016 4:05:37 PM
NotBefore : 10/29/2015 3:45:37 PM
HasPrivateKey : True
PrivateKey :
PublicKey : System.Security.Cryptography.X509Certificates.PublicKey
RawData : {48, 130, 5, 225...;}
SerialNumber : 60A14A915A0FAFA12311B0998F5892C9
SubjectName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
SignatureAlgorithm : System.Security.Cryptography.Oid
Thumbprint : FDCD31216C3491C2809441344EE6EF5E01EB0550
Version : 3
Handle : 578311520
Issuer : CN=USER OU=Admin, OU=Admin and Service Accounts, DC=domoain
Subject : CN=USER, OU=Admin, OU=Admin and Service Accounts, DC=domain
$ cert變量是否返回正確的證書? – bentek
@bentek是的。但是,當我鍵入$ cert.privatekey時,什麼也沒有顯示。 – user3711442
你是如何重新編碼和驗證腳本是UTF8的? – bentek