Adds PowerShell functions to allow you to sign scripts and files using a code signing certificate.
Is an Extension Module to the Meriworks.PowerShell.BuildEvents .
To sign your files you need to have signtool.exe installed. The easiest way to install it and allow the Meriworks.PowerShell.Sign scripts to find it is to install the Windows Sdk.
When including the NuGet package to your Visual Studio project, the following PowerShell functions is automatically available in the BuildEvent scripts.
This method will sign a ps1 script using the Set-Authenticode command if needed.
Usage:
SignScript (join-path $projectDir "nuspec/tools/install.ps1")
This method works in the same way as SignScript but will sign all files in a given folder
Usage:
SignScriptsInFolder (join-path $projectDir "nuspec/tools")
Will sign all *.ps1 and *.psm1 files.
This method will sign an msi using the signtool.exe command.
Usage:
$file = "path/to/myprogram.msi"
SignMsi "www.mysite.com" "My program v1.0.0 setup" $file
When signing, a timestamp server is used. To specify which timestamp server to use, set the $global:timestampUrl variable before signing.
$global:timestampUrl = "http://timestamp.globalsign.com/?signature=sha2"
SignMsi "www.mysite.com" "My program v1.0.0 setup" "path/to/myprogram.msi"
Since version 6, this file is now included automatically and the PowerShell dotting is now obsolete and the previous initialization line needs to be removed from the scripts.
. (Join-Path $projectDir "_msbuild/Meriworks.PowerShell.Sign/Functions.ps1")
In case you get the error message above when invoking the scripts, then follow the instructions below
-
Download and install Capicom 2.1.0.2 http://www.microsoft.com/sv-se/download/details.aspx?id=25281
-
Copy capicom.dll from
C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2\lib\X86\toC:\Windows\SysWOW64\ -
Start a cmd prompt in admin mode and run the following commands
cd C:\Windows\SysWOW64 Regsvr32 capicom.dll
Licensed using the MIT License.
Developed by Dan Händevik, Meriworks.
- Changed timestamp server url and made it configurable #1
- Moved to azure pipelines
- Added error handling if singing a script fails
- Fixed an issue with expiration date
- Now supports Windows 10 Sdk paths for signtool.exe
- Fixed issue where the path to signtool.exe was incorrectly calculated
- Inlining of Function.ps1 is no longer supported
- Removed unused dll from nupkg file
- Removed scripts and readme from project
- Minor changes in nuspec, license and documentation
- Initial release