PowerShell Error - The file is not digitally signed

When you try to run a PowerShell script that has not been signed by a trusted publisher, you may get the following security error:
"script.ps1 :File path\script.ps1 cannot be loaded. The file path\script.ps1 is not digitally signed. You cannot run this script on the current system."

This security error can occur when the PowerShell's execution policy is set to Allsigned or Remotesigned and the script isn't signed.

Allsigned execution policy allows execution of all Powershell scripts that are signed. Before executing the script you will be prompted to confirm that you trust the publisher that has signed the script.

Remote execution policy restricts the execution of downloaded scripts that are unsigned. Scripts that are executed from the local computer doesn't have to be signed.

Solution

There are different methods to overcome this error. You may choose to either sign the PowerShell script, change the execution policy, bypass the policy or unblock the file so that it can run once on that session.

Check Execution Policy

First of all check your execution policy using the cmdlet Get-ExecutionPolicy

PS C:\> Get-ExecutionPolicy
AllSigned

The list parameter in Get-ExecutionPolicy cmdlet tells you the execution policy for each scope.

PS C:\> Get-ExecutionPolicy -list 	
            Scope     ExecutionPolicy
            -----     ---------------
    MachinePolicy     Undefined
       UserPolicy     Undefined
          Process     Undefined
      CurrentUser     Undefined
     LocalMachine     RemoteSigned

The default execution policy for all windows version except for Windows 2012 R2 is Restricted. The default execution policy in Windows 2012 R2 is RemoteSigned.

Changing Execution Policy Permanently

The easiest but unsecure method of getting rid of this error message is to change the ExecutionPolicy using the SetExecutionPolicy cmdlet. The following command sets the execution policy to unrestricted.


PS C:\> Set-ExecutionPolicy unrestricted

Press Y to confirm the change when prompted. The policy change is updated in the registry and will remain until you change it again.

Changing Execution Policy Temporarily

Instead of changing the execution policy permanently you could set a different policy for a single PowerShell session. This is done using the ExecutionPolicy parameter of powershell.exe

Open a command prompt or PowerShell and run the command:


C:\> powershell.exe -executionpolicy -bypass

The above command opens a PowerShell session with execution policy for that session set to Bypass which means nothing is blocked.

Unblocking a File that was downloaded

When the execution policy is RemoteSigned, the files that are downloaded from the internet (or from emails) are blocked to protect your running unsafe scripts. If you trust the contents of the script are safe then you can unblock it to run on your session using the Unblock-File cmdlet


PS C:\> Unblock-File -Path C:\Downloads\script1.ps1

Once you have changed the Execution policy permanently or temporarily for a session or a particular script you can continue to run the script but before you do that make sure the contents of the script does not harm your computer


Post a comment

Name

Your Comment

Email (We dont publish it)

Comments

Nothing yet..be the first to share wisdom.