Using the Get-AuthenticodeSignature Cmdlet

Retrieving Digital Signatures

The Get-AuthenticodeSignature cmdlet enables you to retrieve information about the digital signature (if any) that was used to sign a file. For example, this command retrieves any digital signatures used on the Windows PowerShell executable file:

Get-AuthenticodeSignature "C:\Program Files\Windows PowerShell\v1.0\Windows PowerShell.exe"

And here’s the type of data that comes back:

SignerCertificate                         Status             Path
-----------------                         ------             ----
564E01066387F26C912010D06BD78D3CF1E845AB  Valid              Windows PowerShell.exe

If a file (such as C:\Scripts\Test.txt) has not been digitally signed then you’ll get back data similar to this:

SignerCertificate                         Status             Path
-----------------                         ------             ----
                                          UnknownError       test.txt