Renewing Powershell Self Signed Certificate from CA

Massimiliano Gasbarro 20 Reputation points
2024-09-23T15:49:59.2+00:00

Hi Everyone,

We're going to change ours Self Signed Powershell certificates, we have an AD Certificate Services in our domain, we've created custom Self Signed Powershell certificates for code signing, then we've distribute the certificates via GPO. These kind of certificates we use for signing Script, and that we distribute on clients, have 2 years of validity, while the Custom template on CA has 10 years of validity.

As the script that we run daily are signed with a certificate which is going to expire, what happens when we will reissue a new certificate from CA and then distribute the new one, must we re-sign all the scripts? Or can we just keep using the expired one?

Thanks for asking

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,056 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,525 questions
PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,510 questions
0 comments No comments
{count} votes

Accepted answer
  1. Daisy Zhou 23,426 Reputation points Microsoft Vendor
    2024-09-25T07:53:37.8066667+00:00

    Hello Massimiliano Gasbarro,

    Thank you for posting in Q&A forum.

    Once a certificate expires, it is no longer considered valid for signing or authentication purposes. This means that any scripts signed with the expired certificate will not be trusted by the system.

    To ensure that your scripts continue to be trusted and run without issues, you will need to re-sign them with the new certificate. This involves using the new certificate to sign each script again.

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

    Best Regards,

    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    1 person found this answer helpful.
    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.