The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

Signed PowerShell cmdlets run slower than unsigned cmdlets [Fix]

Download Windows Speedup Tool to fix errors and make PC run faster

A cmdlet is a lightweight command used in the Windows PowerShell environment. The Windows PowerShell runtime invokes these cmdlets within the context of automation scripts provided at the command line. The Windows PowerShell runtime also invokes them programmatically through Windows PowerShell APIs. In today’s post, we will identify the cause and then provide the workaround to the issue of signed PowerShell cmdlets run slower than unsigned cmdlets on Windows.

Cmdlets act and typically return a Microsoft .NET Framework object to the next command in the pipeline. To write a cmdlet, you must implement a cmdlet class derived from one of two specialized cmdlet base classes. The derived class must:

  • Declare an attribute that identifies the derived class as a cmdlet.
  • Define public properties that are decorated with attributes that identify the public properties as cmdlet parameters.
  • Override one or more of the input processing methods to process records.

Signed PowerShell cmdlets run slower than unsigned cmdlets

You’ll notice that signed Windows PowerShell cmdlets are running more slowly than unsigned cmdlets.

This issue occurs because the computer cannot connect to the following addresses for Certificate Trust List (CTL) verification:

http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab

http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab

This occurs when a network issue exists. For example, there are incorrect proxy settings.

To work around this issue, do the following:

Signed PowerShell cmdlets run slower than unsigned cmdlets

Computer Configuration > Windows Settings > Security Settings > Public Key Policies

  • In the details pane on the right, double-click Certificate Path Validation Settings.
  • Select the Network Retrieval tab.
  • Check the Define these policy settings checkbox.
  • Uncheck the Automatically update certificates in the Microsoft Root Certificate Program (recommended) checkbox.
  • Click Apply > OK.

You can now exit Local Group Policy Editor.

That’s it!

Obinna@TWC

Obinna has completed B.Tech in Information & Communication Technology. He has worked as a System Support Engineer, primarily on User Endpoint Administration, as well as a Technical Analyst, primarily on Server/System Administration. He also has experience as a Network and Communications Officer. He has been a Windows Insider MVP (2020) and currently owns and runs a Computer Clinic.