Get-AuthenticodeSignature | Taking on PowerShell one cmdlet at a time | Weekly Blog

Share this post:

This is a part of an on-going blog series written by Adam Gordon. Each week, Adam will walk you through a PowerShell command, showing you when and how to use each one. This week, Adam covers Get-AuthenticodeSignature.

When to use Get-Authenticode Signature?

The Get-AuthenticodeSignature cmdlet gets information about the Authenticode signature for a file or file content as a byte array.

If the file is not signed, the information is retrieved, but the fields are blank.

What version of PowerShell am I using for this blog?

Get the PowerShell Version from your machine:

$PSVersionTable

This command shows you the PowerShell version information on your machine.

How to use Get-AuthenticodeSignature?

Get the Authenticode signature for a file:

Get-AuthenticodeSignature -FilePath “C:\Windows\Regedit.exe”

The Get-AuthenticodeSignature cmdlet gets information about the Authenticode signature for the Regedit.exe file. It uses the -FilePath parameter to specify the file.

Get only valid Authenticode signatures for multiple files:

Get-ChildItem $PSHOME\*.* | ForEach-object {Get-AuthenticodeSignature $_} | Where-Object {$_.status -eq “Valid”}

This command lists all of the files in the $PSHOME directory that have a valid Authenticode signature. The $PSHOME automatic variable contains the path to the PowerShell installation directory.

The command uses the Get-ChildItem cmdlet to get the files in the $PSHOME directory. It uses a pattern of . to exclude directories (although it also excludes files without a dot in the filename).

The command uses a pipeline operator (|) to send the files in $PSHOME to the ForEach-Object cmdlet, where Get-AuthenticodeSignature is called for each file.

The results of the Get-AuthenticodeSignature command are sent to a Where-Object command that selects only the signature objects with a status of Valid.

Need PowerShell training? Check out ITProTV’s PowerShell online IT training courses.

Leave a Reply

Your email address will not be published. Required fields are marked *