Share via


Verifying a Script

Verifying a script determines whether the script that you are about to run is from a trusted source. It also allows you to confirm the integrity of the script. WSH verifies scripts before it attempts to run them, but you may have your own reason to verify a script.

VerifyFile Method

Script verification is accomplished programmatically with the Signer object's VerifyFile method.

The VerifyFile method:

  • Verifies the validity of the signature.

  • Verifies that the signature belongs to a person who is trusted in your Trusted Publishers List.

  • Verifies that the script has not been changed since it was signed.

    Note

    Although the VerifyFile method programmatically confirms the digital signature, you should always ensure that you really trust the trusted roots in the Trusted Publishers List.

See Also

Concepts

Signing a Script (Windows Script Host)

Signature Verification Policy

CryptoAPI Tools

Other Resources

Security and Windows Script Host