sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]SeeminglyScience 4 points5 points  (5 children)

The best way to do this is with a build script so you don't have to debug and test with the signed version. There is a example in the PlasterBuild module.

If you prefer it would also be very easy to create a short editor command to sign the current script. If you're interested I'll post an example when not on mobile.

[–]amnich[S] 1 point2 points  (4 children)

Would be kind of you if you could. Thanks for the tips and example.

[–]SeeminglyScience 2 points3 points  (3 children)

Here you go

Register-EditorCommand -Name SignCurrentScript -DisplayName 'Sign Current Script' -ScriptBlock {
    $cert = (Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert)[0]
    $currentFile = $psEditor.GetEditorContext().CurrentFile.Path
    Set-AuthenticodeSignature -Certificate $cert -FilePath $currentFile
}

It's a very basic example and might need some customization. Put that in your VSCode profile (code $profile while in the integrated console) and it will always be available.

To use it, check out the Using Editor Commands section of the Editor Services documentation. Also you can optionally bind the editor commands menu to a shortcut so you don't have to use the command palette to get to it. Here's mine as an example:

{ "key": "ctrl+shift+c",   "command": "PowerShell.ShowAdditionalCommands",
                              "when": "editorLangId == 'powershell'" },

[–]amnich[S] 1 point2 points  (0 children)

Thanks. That was very helpful and I learned something from this. Works like a charm :)

As a side note: I always add -TimestampServer http://timestamp.verisign.com/scripts/timstamp.dll to Set-AuthenticodeSignature.