Code signing remark still valid for labconfig

[Karl-WE]

See #609

https://github.com/microsoft/MSLab/releases/tag/v24.11.1

From the changelog I understood that signing got removed @machv, can we remove instructions in readme.md?

[machv]

This change, I hope, is only temporary until I resolve needed changes on the build infrastructure. But as Windows Server 2025 has recently been released, I didn't want to further block MSLAB new release.

[Karl-WE]

Thanks!
So only labconfig.ps1 will remain unsigned in future? I mean this one needs to be edited and then re-signed anyway.

This is well described but I wonder why we are doing this in the first place?
I understand it more for all scripts.

I never had any issues running Deploy with an unsigned labconfig. That's my point.

Thank you for your explaination why it's feasible to sign it, while it's a dynamic file.

Reference
Also please keep in mind that any change to LabConfig.ps1 file would then require to sign that file again as any change in LabConfig would invalidate initial signature.

To sign LabConfig.ps1 file you can use this snippet that would select first available Code Signing certificate on your computer:

Get a Code signing certificate from store $certificate = Get-ChildItem -Path Cert:\CurrentUser\My\ -CodeSigningCert | Select-Object -First 1 # Add signature to a LabConfig file Set-AuthenticodeSignature -FilePath "LabConfig.ps1" -Certificate $certificate