Signed PowerShell cmdlets run slower than unsigned cmdlets

Applies to: Windows Server 2012 R2Windows Server 2012Windows Server 2016


You find that signed Windows PowerShell cmdlets are running more slowly than unsigned cmdlets.


This issue occurs because the computer cannot connect to the following addresses for Certificate Trust List (CTL) verification:


This occurs when a network issue exists. For example, there are incorrect proxy settings.


To work around this issue, follow these steps:

  1. Under the Computer Configuration node in Local Group Policy Editor, double-click Policies.
  2. Double-click Windows Settings, double-click Security Settings, and then double-click Public Key Policies.
  3. In the details pane, double-click Certificate Path Validation Settings.
  4. Select the Network Retrieval tab, select the Define these policy settings check box, and then clear the Automatically update certificates in the Microsoft Root Certificate Program (recommended) check box.
  1. Select OK, and then close Local Group Policy Editor.