How to sign a powershell script to be used for distribution

Hi,
I am new to powershell so if I’m missing out on any detail, please let me know.

We have some powershell scripts we send over to the clients to execute. Their powershell enviroment has execution policy set to ‘remote signed’

Now I have read multiple blogs for how to sign the powershell script to be used at different execution levels, but my understanding is signing is for my environment only.

http://www.hanselman.com/blog/SigningPowerShellScripts.aspx

http://blogs.technet.com/b/heyscriptingguy/archive/2010/06/17/hey-scripting-guy-how-can-i-sign-windows-powershell-scripts-with-an-enterprise-windows-pki-part-2-of-2.aspx

I’m probably missing out on something obvious and I’ll appreciate if someone can explain me how to sign my script so that client can use it in their environment with any execution level set.

Thanks in advance!

That’s right, if you distribute your own cert for use in the environment, or sign your script using a code-signing cert from your own Certificate Authority, your script will only be signed for local use.

If you want other environments to be able to run your script under a ‘RemoteSigned’ execution policy, you will either need them to issue you a Code-signing cert, or you’ll need a globally trusted certificate, from an organization like VeriSign, Thawte or GoDaddy. Expect to pay ~$800 + for one of those Code-signing certs.

It looks like prices vary, anywhere from $80 to $400 a year. Looks like StartSSL offers a free tier, but its Root CA might not be installed on everyone’s computers. (I would add some links, but the forum software won’t let me.)