Signing a Script (Windows Script Host) (original) (raw)

Skip to main content

This browser is no longer supported.

Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.

Signing a Script (Windows Script Host)

• Article
• 10/24/2011

In this article

Signing a script writes a digital signature block of comments in a script. The signature, which contains encoded information about the identity of the author, also encapsulates encoded information about the script itself. Consequently, any attempt to change the script invalidates the signature.

Example

Script signing is programmatically accomplished with the Scripting.Signer object's SignFile method.

<job>
<runtime>
   <named name="file" helpstring="the file to sign" required="true" type="string"/>
   <named name="cert" helpstring="the name of the signing certificate" required="true" type="string"/>
   <named name="store" helpstring="the name of the certificate store" required="false" type="string"/>
</runtime>
<script language="JScript">
   var Signer, File, Cert, Store;
   if (!(WScript.Arguments.Named.Exists("cert") && WScript.Arguments.Named.Exists("file"))) 
   {
      WScript.Arguments.ShowUsage();
      WScript.Quit();
   }
   Signer = new ActiveXObject("Scripting.Signer");
   File  = WScript.Arguments.Named("file");
   Cert  = WScript.Arguments.Named("cert");
   if (WScript.Arguments.Named.Exists("store"))
   {
      Store = WScript.Arguments.Named("store");
   }
   else
   {
      Store = "";
   }
    Signer.SignFile(File, Cert, Store);
</script>
</job>

Note

In order to sign a script, you must have a valid certificate. Ask your Administrator about your certification policy or contact a commercial certification authority.

See Also

Concepts

Verifying a Script

Signature Verification Policy

CryptoAPI Tools

Signing a Script

Other Resources

Security and Windows Script Host

Additional resources

In this article