Scappman PowerShell Certificate
Here you can find the Scappman Public Certificates & information on how to implement the PowerShell Execution Policy in your environment.
Last updated
Here you can find the Scappman Public Certificates & information on how to implement the PowerShell Execution Policy in your environment.
Last updated
To help our customers create secure environments, Scappman signs all the PowerShell scripts it creates. The public key of our Code Signing certificate can be found at the bottom of this paragraph. By adding this certificate to the Trusted Publishers local machine certificate store you can set your PowerShell ExecutionPolicy to AIISigned, which will only allow scripts that have been signed by a Trusted Publisher to run.
For more information about PowerShell ExcutionPolicy, refer to the Microsoft Docs.
In case you want to implement this, check out our guide down below
It is crucial to keep both certificates on your machines as some of the current packages, which are already pushed in your Intune tenant, are still signed with the old certificate.
New Certificate (For packages deployed starting 03/10/2024):
Certificate (For packages deployed until 03/10/2024) :
Enabling the βAllSignedβ Execution Policy in PowerShell enhances IT security by requiring all scripts and configuration files to be signed by a trusted publisher before execution. Key benefits include:
Enhanced Security: Reduces the risk of running malicious or unauthorized code.
Integrity Assurance: Ensures scripts havenβt been tampered with, supporting compliance with security standards.
Accountability: Tracks the origin of scripts, providing greater control over the IT environment.
Trust Management: Establishes trusted relationships with script publishers, allowing only verified scripts to be executed.
By implementing this policy, Scappman helps you create a secure environment, protect your data, and maintain the reliability of your IT operations.
Download the New Certificate
Get the thumbprint of the certificate
Create custom Intune profile setting
Fill in required information.
Fill in Name by your choice.
Construct OMA-URI: ./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/!Placethumbprintnumberhere!/EncodedCertificate
Open newest certification and copy paste into "String Value".
See step 2 for Thumbprintnumber
Assign policy to your devices.
