PowerShell – GIT Script Signing Error might have been changed by Unauthorized user or process

I am sharing a automation issue that we have recently faced.

We run signed PowerShell scripts only, few of our script on migration to GIT and then pulling it to the servers (automated via CICD pipeline) started erroring out as shown in below screenshot.


On checking further using below command to verify signature we have found status coming as HashMismatch

Get-AuthenticodeSignature -FilePath “filepath onserver”


We were scratching our head and was not able to find any solution on Internet and it was not occurring for all scripts but some of the projects only.

Suddenly we have noticed a warning that has given us the clue and we headed in right direction of resolving it.

This warning comes on GIT where it replaces LF with CRLF.


That is a change happened which was being detected as unauthorized, after we turned that off for the projects We were able to resolve this error.

Here is the command to turn it OFF:

git config –global core.autocrlf false

To find how many scripts are impacted by it we have used below PowerShell snippet on the Server:

Get-ChildItem -Recurse | where{$_.Name -like “*.ps1”} | ForEach-Object{

$getsignature = Get-AuthenticodeSignature -FilePath $_.FullName

if($getsignature){

if($getsignature.status -eq “HashMismatch”){

write-host “$($_.FullName)” -ForegroundColor yellow

}

}

else{

write-host “$($_.FullName)” -ForegroundColor Red

}

}

If you are in same situation, you can follow the above solution and it will save you troubleshooting time.

 

 

Thanks for reading …

Tech Wizard

 

https://techwizard.cloud

https://syscloudpro.com/

PowerShell Fast Track

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s