From 4e6e971797c13e460882d97f3b381538d5f26885 Mon Sep 17 00:00:00 2001
From: David Paulson <dpaul@microsoft.com>
Date: Tue, 3 Oct 2023 11:35:47 -0500
Subject: [PATCH] Show more info for data serialization signing when not set

---
 ...-AnalyzerSecuritySerializedDataSigningState.ps1 | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/Diagnostics/HealthChecker/Analyzer/Security/Invoke-AnalyzerSecuritySerializedDataSigningState.ps1 b/Diagnostics/HealthChecker/Analyzer/Security/Invoke-AnalyzerSecuritySerializedDataSigningState.ps1
index 1aa585b23e..5cbf989e45 100644
--- a/Diagnostics/HealthChecker/Analyzer/Security/Invoke-AnalyzerSecuritySerializedDataSigningState.ps1
+++ b/Diagnostics/HealthChecker/Analyzer/Security/Invoke-AnalyzerSecuritySerializedDataSigningState.ps1
@@ -100,10 +100,18 @@ function Invoke-AnalyzerSecuritySerializedDataSigningState {
         }
         Add-AnalyzedResultInformation @params
 
-        if ($null -ne $additionalSerializedDataSigningDisplayValue) {
+        # Always display if not true
+        if (-not ($serializedDataSigningState -eq $true)) {
+            $addLine = "This may pose a security risk to your servers`r`n`t`tMore Information: https://aka.ms/HC-SerializedDataSigning"
+
+            if ($null -ne $additionalSerializedDataSigningDisplayValue) {
+                $details = "$additionalSerializedDataSigningDisplayValue`r`n`t`t$addLine"
+            } else {
+                $details = $addLine
+            }
+
             $params = $baseParams + @{
-                Details                = $additionalSerializedDataSigningDisplayValue +
-                "`r`n`t`tThis may pose a security risk to your servers`r`n`t`tMore Information: https://aka.ms/HC-SerializedDataSigning"
+                Details                = $details
                 DisplayWriteType       = $serializedDataSigningWriteType
                 DisplayCustomTabNumber = 2
             }