Add-SignerRule
Creates a signer rule and adds it to a policy.
Syntax
Add-SignerRule
-FilePath <String>
-CertificatePath <String>
[-Kernel]
[-User]
[-Update]
[-Supplemental]
[-Deny]
[<CommonParameters>]
Add-SignerRule
-FilePath <String>
-CertStorePath <String>
[-Kernel]
[-User]
[-Update]
[-Supplemental]
[-Deny]
[<CommonParameters>]
Description
The Add-SignerRule cmdlet creates a signer rule based on a certificate, and then adds the rule to a Code Integrity policy. By default, this cmdlet creates allow rules. Specify at least one scenario for the rule in the policy from the following scenarios:
- User
- Kernel
- Update
Examples
Example 1: Create and add a signer rule for User mode
PS C:\> Add-SignerRule -FilePath '.\Policy.xml' -CertificatePath '.\certificate07.cer' -User
This command generates a signer rule for the certificate in certificate07.cer. The command adds the rule to policy.xml for the User mode scenario.
Parameters
-CertificatePath
Specifies the path of a certificate (.cer) file that this cmdlet uses for the rule.
Type: | String |
Aliases: | c |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CertStorePath
Specifies the path to a certificate store to export certificates into the policy.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Deny
Indicates that this cmdlet creates a deny rule instead of the default allow rule.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-FilePath
Specifies the path of the policy .xml file to which this cmdlet adds the rule.
Type: | String |
Aliases: | f |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Kernel
Indicates that this cmdlet adds the rule as a Kernel mode rule. You can add a rule as more than one scenario.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Supplemental
Indicates that this cmdlet adds the rule as a Supplemental policy signers rule. You can add a rule as more than one scenario.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Update
Indicates that this cmdlet adds the rule as an Update policy signers rule. You can add a rule as more than one scenario.
Update policy signers rules to determine which signers can sign a policy in signed policy scenario.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-User
Indicates that this cmdlet adds the rule as a User mode rule. You can add a rule as more than one scenario.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Related Links
Commentaires
https://aka.ms/ContentUserFeedback.
Bientôt disponible : Tout au long de 2024, nous allons supprimer progressivement GitHub Issues comme mécanisme de commentaires pour le contenu et le remplacer par un nouveau système de commentaires. Pour plus d’informations, consultezEnvoyer et afficher des commentaires pour