Creating a private key to sign a PowerShell Script with makecert is no longer possible?

Discussion in 'Windows XP Security' started by olspookishmagus, Oct 4, 2017.

  1. olspookishmagus

    Hello.

    I'm struggling to create a private key to then use for signing a PowerShell script, and I could really use some help with this.

    Firstly, I wanted to be able to run PowerShell scripts without having to lower PowerShell's Execution-Policy, and in order to do that one has to be able to sign scripts.

    Therefore, after installing the Windows SDK, I'm trying to create a private key (and then a certificate) in order to be able to sign scripts.

    But this fails like so:
    Code:
    C:\Program Files\Microsoft Visual Studio 8\SDK\v2.0\Bin>makecert -n "CN=PowerShell Local Certificate Root" -a sha1 -eku 1.3.6.1.5.5.7.3.3 -r -sv root.pvk root.cer -ss Root -sr localMachine
    Error: Can't create the key of the subject ('root.pvk')
    Failed
    And so I've begun trying to debug this, with no success.

    So far I've checked the following:
    • I checked with makecert's documentation to check whether the command parameters are correct
    • executed the command from within a non-special directory
    • executed the command as the local Administrator user
    • executed the command from an "elevated" Command Prompt or an "elevated" PowerShell
    • made sure the security permissions for _ALL_ the Crypto/RSA directories are set as indicated
    If you have any ideas, would like to share your insights, or would like me to walk again through something I've already tried/mentioned, please feel free to comment.

    Thanks in advance.
     
    olspookishmagus, Oct 4, 2017
    #1
  2. olspookishmagus

    OK, this has been resolved following some guidance received in another community I cross-posted this to, and now the least I can do is to update this thread with the solution, along with my apologies.

    As it seems, the makecert I was trying to execute that command with was not the correct one. The correct one comes bundled with the Windows SDK I've already linked and it has version: 6.1.7600.16385 and SHA1SUM: 7fd7f36b5acbe69de6c966b397341fd1ddbb04a1.

    With that particular makecert, the above command with those options (and even more advanced ones) is carried out flawlessly.
     
    olspookishmagus, Oct 11, 2017
    #2
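
Added example, not part of the original posts: a PowerShell 2.0-compatible check that lists every makecert.exe found on the machine, shows which one the shell would actually run, and compares each against the version and SHA-1 quoted in post #2. The search roots and the helper name Get-Sha1Hex are assumptions made for this illustration.

```powershell
# Version and SHA-1 quoted in post #2 for the makecert.exe that worked.
$ExpectedVersion = '6.1.7600.16385'
$ExpectedSha1    = '7fd7f36b5acbe69de6c966b397341fd1ddbb04a1'

# Hypothetical helper. Get-FileHash needs PowerShell 4+, so hash through .NET.
function Get-Sha1Hex([string]$Path) {
    $sha1   = [System.Security.Cryptography.SHA1]::Create()
    $stream = [System.IO.File]::OpenRead($Path)
    try     { $bytes = $sha1.ComputeHash($stream) }
    finally { $stream.Close() }
    return ([System.BitConverter]::ToString($bytes) -replace '-', '').ToLower()
}

# Assumed search roots: both Program Files trees (the x86 one is absent on 32-bit Windows).
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ -and (Test-Path $_) } | Select-Object -Unique

# @(...) keeps the result an array even when nothing is found.
$found = @(
    $roots |
        ForEach-Object { Get-ChildItem -Path $_ -Filter makecert.exe -Recurse -ErrorAction SilentlyContinue } |
        Where-Object { -not $_.PSIsContainer } |
        Select-Object -ExpandProperty FullName -Unique
)

# The copy a bare "makecert" resolves to through PATH, if any.
$onPath = @(Get-Command makecert.exe -CommandType Application -ErrorAction SilentlyContinue |
    Select-Object -First 1 -ExpandProperty Path)
if ($onPath.Count -gt 0) { Write-Output "Resolved via PATH: $($onPath[0])" }
else                     { Write-Output 'makecert.exe is not on PATH' }

foreach ($path in $found) {
    # FileVersion may carry a build suffix after the number, hence the prefix match.
    $version = [System.Diagnostics.FileVersionInfo]::GetVersionInfo($path).FileVersion
    $hash    = Get-Sha1Hex $path
    New-Object PSObject -Property @{
        Path         = $path
        FileVersion  = $version
        Sha1         = $hash
        VersionMatch = ($version -like "$ExpectedVersion*")
        HashMatch    = ($hash -eq $ExpectedSha1)
    } | Format-List Path, FileVersion, Sha1, VersionMatch, HashMatch
}
```

If the PATH-resolved copy is not the one with HashMatch set to True, call the matching copy by its full path.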