The PowerShell is not a digitally signed error often triggers while users run PowerShell scripts. It generally happens due to the values set for the PowerShell Execution Policy.
As a part of our Server Management Services, we help our Customers to fix windows related errors regularly.
Let us today discuss the possible causes and fixes for this error.
What is PowerShell is not digitally signed error?
While trying to run a PowerShell script that has not been signed by Trusted Publisher, users often see a security error “PowerShell is not digitally signed” as shown below:
This security error can occur when we have an AllSigned or RemoteSigned PowerShell Execution Policy.
Now, let us now discuss some possible methods to fix this error.
How to fix PowerShell is not a digitally signed error?
There are a few possible methods to fix this error. Let us have a look at each of them one by one.
Check and change Execution Policy
The first step here is to check the Execution Policy. We may run Get-ExecutionPolicy cmdlet to get the Execution Policy. The list parameter in the Get-ExecutionPolicy cmdlet tells us the policy for each scope.
PS C:\> Get-ExecutionPolicy -list
Once we have an idea of the Execution policies, the easiest but insecure method of getting rid of this error message is to change the ExecutionPolicy to unrestricted.
Further, we can change the Execution Policy using the SetExecutionPolicy cmdlet. The following command sets the execution policy to Unrestricted:
PS C:> Set-ExecutionPolicy unrestricted.
Press Y to confirm the change when prompted.
It then updates the policy change in the registry and remains this way until we change it again
Bypass the current PowerShell session
To change the execution policy temporarily, we can use Set-ExecutionPolicy cmdlet with ByPass setting.
Set-ExecutionPolicy -Scope Process -ExecutionPolicy ByPass
This simple command above will set the execution policy to bypass the current PowerShell session. Once we close this PowerShell session, it loses these settings.
Acceptable values for ExecutionPolicy parameter
Below is the detail of the acceptable values for -ExecutionPolicy parameter:
- Restricted. Does not load configuration files or run scripts. Restricted is the default execution policy.
- AllSigned. Requires a trusted publisher to sign all scripts and configuration files, including scripts that we write on the local computer.
- RemoteSigned. Requires a trusted publisher to sign all scripts and configuration files downloaded from the Internet.
- Unrestricted. Loads all configuration files and runs all scripts. Asks for permission if we run an unsigned script downloaded from the Internet.
- Bypass. Will not block anything and there are no warnings or prompts.
- Undefined. Removes the currently assigned execution policy from the current scope. This parameter will not remove an execution policy set in a Group Policy Scope.
The default scope for Set-ExecutionPolicy command is LocalMachine. We can also specify the scope for policy by adding -Scope parameter. For instance, some of the scopes that we can set include:
- Process: The execution policy affects only the current PowerShell process.
- CurrentUser: The execution policy affects only the current user.
- LocalMachine: The execution policy affects all users of the computer.
Further, to remove an execution policy from a particular scope, set the execution policy for that scope to Undefined.
Unblock the downloaded file
For RemoteSignedExecution Policy, sign all the scripts and configuration files downloaded from the Internet or from emails by a trusted publisher.
If we trust the contents of the script are safe, then we can unblock it to run on the session using the Unblock-File cmdlet:
PS C:> Unblock-File -Path C:Downloadsscript1.ps1
[Need any further assistance to fix Powershell is not digitally signed error? – We’re available 24*7]
Conclusion
In short, PowerShell is not digitally signed security error can occur when the PowerShell Execution Policy is set to AllSigned or RemoteSigned. Today, we saw how our Support Engineers fix this error.
0 Comments