Trust Services Encrypt Files Powershell Sample
Introduction
Sample PowerShell script FileEncrypt.ps1 shows the very basic usage of Trust Services to encrypt and decrypt data from the files.
The sample uses a single certificate for Policy Administrator, Data Publisher and Data Consumer roles. This sample also uses a single Data Policy that dictates encryption for all files.
Prerequisites
Prerequisites are the same as in [[Microsoft Codename "Trust Services" Getting Started Tutorial|Getting Started Tutorial]] and other Trust Services samples.
Download
To download FileEncrypt.ps1 sample script, visit Trust Services Samples Download page and click on "EncryptFilesPS".
Steps to run the script
This script requires the following information:
- Thumbprint of X509 certificate stored in Current User Windows Certificate Store, and
- Trust Server name.
See Steps 1 and 2 in [[Microsoft Codename "Trust Services" Getting Started Tutorial|Getting Started Tutorial]] on how to create X509 certificate, create Trust Server using Trust Services Portal, and upload created X509 certificate to Trust Server.
Start Trust Services Shell shortcut in Start Menu.
Run downloaded script as follows to encrypt a folder: .\FileEncrypt.ps1 -certificateThumbprint CBD98CE6C208125E164F4A4F125BAD7B3DE0D9E3 -trustServerName wpccyexb2e -inputDirectory G:\test\Clear -outputDirectory G:\test\Encrypted -encrypt 1 To decrypt a folder: .\FileEncrypt.ps1 -certificateThumbprint CBD98CE6C208125E164F4A4F125BAD7B3DE0D9E3 -trustServerName wpccyexb2e -inputDirectory G:\test\Encrypted -outputDirectory G:\test\Clear -encrypt 0
Quick Links
[[Learn More about Microsoft Codename "Trust Services"|Learn More]]
[[Microsoft Codename "Trust Services" Getting Started Tutorial|Getting Started Tutorial]]
[[Microsoft Codename “Trust Services” Samples|Samples]]
[[Microsoft Codename “Trust Services” Troubleshooting|Troubleshooting]]