A cmdlet is a lightweight command that is used in the Windows PowerShell environment. The Windows PowerShell runtime invokes these cmdlets within the context of automation scripts that are provided at the command line. The Windows PowerShell runtime also invokes them programmatically through Windows PowerShell APIs. In today’s post, we will identify the cause and then provide the workaround to the issue of signed PowerShell cmdlets run slower than unsigned cmdlets on Windows.
Cmdlets perform an action and typically return a Microsoft .NET Framework object to the next command in the pipeline. To write a cmdlet, you must implement a cmdlet class that derives from one of two specialized cmdlet base classes. The derived class must:
- Declare an attribute that identifies the derived class as a cmdlet.
- Define public properties that are decorated with attributes that identify the public properties as cmdlet parameters.
- Override one or more of the input processing methods to process records.
Signed PowerShell cmdlets run slower than unsigned cmdlets
You’ll notice that signed Windows PowerShell cmdlets are running more slowly than unsigned cmdlets.
This issue occurs because the computer cannot connect to the following addresses for Certificate Trust List (CTL) verification:
This occurs when a network issue exists. For example, there are incorrect proxy settings.
To work around this issue, do the following:
Computer Configuration > Windows Settings > Security Settings > Public Key Policies
- In the details pane on the right, double-click Certificate Path Validation Settings.
- Select the Network Retrieval tab.
- Check the Define these policy settings checkbox.
- Uncheck the Automatically update certificates in the Microsoft Root Certificate Program (recommended) checkbox.
- Click Apply > OK.
You can now exit Local Group Policy Editor.