Set-AuthenticodeSignature

The Set-AuthenticodeSignature cmdlet applies an Authenticode signature to any file that supports Subject Interface Package (SIP). This cmdlet is available only on the Windows platform.

Sign Authenticode Files with Set-AuthenticodeSignature using AppViewX CSP

Prerequisites:

Execute the AppViewX SIGN+ Installer to install the necessary prerequisites for using the AppViewX CSP.
Installed Powershell.

Sign Command:

$SigningCertificate = (Get-ChildItem -Path Cert:\\CurrentUser\\My\\<SHA1 Thumbprint>)
Set-AuthenticodeSignature -FilePath <input file> -Certificate $SigningCertificate -TimestampServer <timestamp_url> -HashAlgorithm <digest algorithm>

-CertHash <SHA1 Thumbprint>: SHA1 Thumbprint of Signing Certificate
-TimeStampUri <timestamp_url>: Timestamping URL
-Algorithm <digest algorithm>: Hashing Algorithm.

The <SHA1 Thumbprint>, <timestamp_url> and <digest algorithm> are auto generated in the README after running the SIGN+ Installer.

Copy the above command generated in the README File and use it in your PowerShell script or CI/CD pipeline jobs as needed.

Sample Output:

Verify Command

(Get-AuthenticodeSignature <signed file path>).Status -eq 'Valid'

Sample Output