Edit

Share via


Get-AdfsCertificate

Retrieves the certificates from AD FS.

Syntax

ByType (Default)

Get-AdfsCertificate
    [[-CertificateType] <String[]>]
    [<CommonParameters>]

ByReference

Get-AdfsCertificate
    [-Thumbprint] <String[]>
    [<CommonParameters>]

Description

The Get-AdfsCertificate cmdlet retrieves the certificates that Active Directory Federation Services (AD FS) uses for token signing, token decrypting, card signing, and securing service communications.

Examples

Example 1: Get the token-signing certificates

PS C:\> Get-AdfsCertificate -CertificateType "Token-Signing"

This command retrieves the token-signing certificates for AD FS.

Parameters

-CertificateType

Specifies the type of the certificate to retrieve. The acceptable values for this parameter are:

  • Infocard-Signing
  • Service-Communications
  • Token-Encryption
  • Token-Signing

Parameter properties

Type:

String[]

Default value:None
Accepted values:Service-Communications, Token-Decrypting, Token-Signing
Supports wildcards:False
DontShow:False

Parameter sets

ByType
Position:0
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Thumbprint

Specifies the thumbprint of the certificate to retrieve.

Parameter properties

Type:

String[]

Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

ByReference
Position:0
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

None

Outputs

Microsoft.IdentityServer.PowerShell.Resources.ServiceCertificate

Returns one or more ServiceCertificate objects that represent the certificate objects for AD FS.

Notes

  • You can use the Get-AdfsCertificate cmdlet without any parameters to get all the certificates.