Unable to run signed scripts using Live response

Hi,

Our scripts uploaded in the MDE library are signed by a certificate. MDE throws an error upon running any of the signed scripts. However, when these scripts are executed using a standalone PowerShell console, they work as intended. MDE support suggests that, in order to execute signed scripts, we need to install the certificate on the device before executing those signed scripts.

What's interesting here is that on the system where we ran the script successfully (using the PS console), the certificate was not installed. Also, we were able to validate the cert chain using PowerShell.

Any suggestions on what can be done here? We were hoping MDE executes in the same way as PS does. We are not intending to install the cert on every device the script gets executed on.

Thank you!!

1 Reply
Maybe because MDE runs the script as SYSTEM and your tests run the scripts as a user, and the certificate is only trusted in user space? Just guessing. If your tests involve running the script as SYSTEM then that theory fails. Perhaps check if the CAs are trusted at machine level rather than user level.
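
The check suggested in the reply, as an added example that is not part of the original thread: it builds the signer's chain in user context and in machine context, then lists which chain certificates are present in the CurrentUser and LocalMachine stores. `$ScriptPath` is a placeholder, and including the `TrustedPublisher` store goes slightly beyond the CA check the reply mentions.

```powershell
# Added example: compare user-level and machine-level trust for a signed script.
# $ScriptPath is a placeholder; point it at one of the signed scripts.
param(
    [Parameter(Mandatory)]
    [string]$ScriptPath
)

$sig = Get-AuthenticodeSignature -FilePath $ScriptPath
if (-not $sig.SignerCertificate) {
    throw "No Authenticode signature on '$ScriptPath' (status: $($sig.Status))"
}
"Signature status in this session: $($sig.Status)"

# Build the chain twice: once with the current identity's stores,
# once with machine-level stores only.
foreach ($machineContext in $false, $true) {
    $chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new($machineContext)
    $chain.ChainPolicy.RevocationMode = 'NoCheck'   # revocation is not the question here
    $ok = $chain.Build($sig.SignerCertificate)
    $problems = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
    "Chain valid (machine context = $machineContext): $ok $problems"
    if ($machineContext -eq $false) { $userChain = $chain }
}

# For every certificate in the chain, report where it is stored.
# The CurrentUser view also shows machine-level entries, so a certificate
# seen under CurrentUser but not LocalMachine is trusted for this user only.
$stores = 'Root', 'CA', 'TrustedPublisher'
$report = foreach ($element in $userChain.ChainElements) {
    $cert = $element.Certificate
    foreach ($store in $stores) {
        $inUser    = Test-Path -Path "Cert:\CurrentUser\$store\$($cert.Thumbprint)"
        $inMachine = Test-Path -Path "Cert:\LocalMachine\$store\$($cert.Thumbprint)"
        if ($inUser -or $inMachine) {
            [pscustomobject]@{
                Subject      = $cert.Subject
                Store        = $store
                CurrentUser  = $inUser
                LocalMachine = $inMachine
                UserOnly     = ($inUser -and -not $inMachine)
            }
        }
    }
}
$report | Format-Table -AutoSize -Wrap
```

Run it in the same user console where the script works. If the reply's theory holds, the user-context chain validates, the machine-context chain does not, and the rows with `UserOnly` set to `True` identify the certificates that would need machine-level trust.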