Crypt32
commented
2 years ago you are right, the delay is caused by signature validation routine, which builds the chain and contact internet to get revocation info from public CA. However, this should not be a problem since all scripts are signed with same certificate and you have to download this revocation info only once. It is then cached and all subsequent scripts will be validated against cached info. However, multiple attempts can be done if revocation info cannot be accessed. I would check if your firewall allows connections to revocation information (OCSP and CRLs).
Putting all scripts into single file is not possible, because it is impossible to maintain this amount of code in a single file.
iRon7
Not sure whether this is a valid request but trying it anyway 😀. We are noticing quiet some loading time for
import-module pspkiin our environment. Currently it is 12 seconds but probably higher when there is more network traffic (Windows PowerShell). As far as I can determine it is related to all the separate signed PowerShell scripts Dot sourcing a single script as e.g.. .\Get-CertificateRequest.ps1takes about 3 seconds. While dot sourcing the same script without the signature block loads instantly (al testing done in new sessions). Also setting the Execution Policy to Bypass will more than halve the loading time. It is in my believe that adding all the separately signed PowerShell script to a single script (or even the module) itself, will improve the loading time of this module. This is also suggested here Digitally signed manifest module slow to import: "The best solution at the moment is to "compile" the ps1 files into a single psm1 as a build step."Is it possible to investigate/implement this
PSPKImodule?