Signing a script writes a digital signature block of comments in a script. The signature, which contains encoded information about the identity of the author, also encapsulates encoded information about the script itself. Consequently, any attempt to change the script invalidates the signature.
Example
Script signing is programmatically accomplished with the Scripting.Signer object's SignFile method.
Copy Code | |
---|---|
<job> <runtime> <named name="file" helpstring="the file to sign" required="true" type="string"/> <named name="cert" helpstring="the name of the signing certificate" required="true" type="string"/> <named name="store" helpstring="the name of the certificate store" required="false" type="string"/> </runtime> <script language="JScript"> var Signer, File, Cert, Store; if (!(WScript.Arguments.Named.Exists("cert") && WScript.Arguments.Named.Exists("file"))) { WScript.Arguments.ShowUsage(); WScript.Quit(); } Signer = new ActiveXObject("Scripting.Signer"); File = WScript.Arguments.Named("file"); Cert = WScript.Arguments.Named("cert"); if (WScript.Arguments.Named.Exists("store")) { Store = WScript.Arguments.Named("store"); } else { Store = ""; } Signer.SignFile(File, Cert, Store); </script> </job> |
Note |
---|
In order to sign a script, you must have a valid certificate. Ask your Administrator about your certification policy or contact a commercial certification authority. |