When you try to run a PowerShell script that has not been signed by Trusted Publisher, you may get the following security error.
<PowerShell Script file> is not digitally signed. You cannot run
this script on the current system. For more information about running scripts and setting execution policy, see
about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170.
How to resolve the error PowerShell script is not digitally signed?
There are some resolutions for this issue. You can sign the PowerShell script that you want to run, change the execution policy, bypass the policy or unblock the file so that it can run once on that session.
Check execution policy
You can run Get-ExecutionPolicy cmdlet to get your Execution Policy.
You can also add -list parameter to get the execution policy for each scope.
Change Execution Policy Permanently
The easiest but unsecured method of getting rid of this error message is to change the
Set-ExecutionPolicy -ExecutionPolicy unrestricted
Change Execution Policy Temporarily
To change the execution policy temporarily, you can use Set-ExecutionPolicy cmdlet with ByPass setting.
Set-ExecutionPolicy -ExecutionPolicy ByPass
Below is the detail of the acceptable values for -ExecutionPolicy parameter:
- Restricted. Does not load configuration files or run scripts. Restricted is the default execution policy.
- AllSigned. Requires that all scripts and configuration files be signed by a trusted publisher, including scripts that you write on the local computer.
- RemoteSigned. Requires that all scripts and configuration files downloaded from the Internet be signed by a trusted publisher.
- Unrestricted. Loads all configuration files and runs all scripts. If you run an unsigned script that was downloaded from the Internet, you are prompted for permission before it runs.
- Bypass. Nothing is blocked and there are no warnings or prompts.
- Undefined. Removes the currently assigned execution policy from the current scope. This parameter will not remove an execution policy that is set in a Group Policy
The default scope for Set-ExecutionPolicy command is LocalMachine. You can also specify on which scope the policy will be set by adding -Scope parameter. Below is the detail of scopes that you can set:
- Process: The execution policy affects only the current PowerShell process.
- CurrentUser: The execution policy affects only the current user.
- LocalMachine: The execution policy affects all users of the computer.
To remove an execution policy from a particular scope, set the execution policy for that scope to Undefined.