Install-DeviceHealthAttestation
Installs the Device Health Attestation service.
Syntax
Install (Default)
Install-DeviceHealthAttestation
-EncryptionCertificateThumbprint <String>
-SigningCertificateThumbprint <String>
-SupportedAuthenticationSchema <String>
[-Force]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
InstallAndAddSslBinding
Install-DeviceHealthAttestation
-EncryptionCertificateThumbprint <String>
-SigningCertificateThumbprint <String>
-SslCertificateThumbprint <String>
-SupportedAuthenticationSchema <String>
[-SslCertificateStoreName <StoreName>]
[-Force]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The Install-DeviceHealthAttestation cmdlet installs the Device Health Attestation service and configures its dependencies. Before you can install the service, you must add the Device Health Attestation service role.
The installation does the following:
- Creates an application pool.
- Creates a web application.
- Adds a firewall rule for incoming requests.
- Sets the initial configuration.
- Registers user access logging.
You must have administrator rights to run this cmdlet.
Examples
Example 1: Install the Device Health Attestation service
PS C:\> Install-DeviceHealthAttestation -EncryptionCertificateThumbprint "0123456789ABCDEF0123456789ABCDEF01234567" -SigningCertificateThumbprint "0123456789ABCDEF0123456789ABCDEF01234567" -SupportedAuthenticationSchema "AikPub,EkCertificate"
This command installs the Device Health Attestation service.
Example 2: Install the Device Health Attestation service with SSL
PS C:\> Install-DeviceHealthAttestation -EncryptionCertificateThumbprint "0123456789ABCDEF0123456789ABCDEF01234567" -SigningCertificateThumbprint "0123456789ABCDEF0123456789ABCDEF01234567" -SupportedAuthenticationSchema "AikPub,EkCertificate" -SslCertificateThumbprint "0123456789ABCDEF0123456789ABCDEF01234567" -SslCertificateStoreName "My"
This command installs the Device Health Attestation service with SSL bindings.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-EncryptionCertificateThumbprint
Specifies the encryption certificate thumbprint. The value must contain only hexadecimal digits (0-9, A-F) and be 40 characters in length. This value is case-insensitive.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Force
Forces the command to run without asking for user confirmation.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-SigningCertificateThumbprint
Specifies the signing certificate thumbprint. The value must contain only hexadecimal digits (0-9, A-F) and be 40 characters in length. This value is case-insensitive.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-SslCertificateStoreName
Specifies the certificate store that contains the certificate referenced by the SslCertificateThumbprint parameter. The acceptable values for this parameter are:
- AddressBook
- AuthRoot
- CertificateAuthority
- Disallowed
- My
- Root
- TrustedPeople
- TrustedPublisher
Parameter properties
| Type: | StoreName |
| Default value: | None |
| Accepted values: | AddressBook, AuthRoot, CertificateAuthority, Disallowed, My, Root, TrustedPeople, TrustedPublisher |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
InstallAndAddSslBinding
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-SslCertificateThumbprint
Specifies the thumbprint of the certificate to use for server SSL binding. The value must contain only hexadecimal digits (0-9, A-F) and be 40 characters in length. This value is case-insensitive.
If you specify SslCertificateThumbprint, the cmdlet creates an SSL binding on the default website. If you specify this parameter, you must also specify the SslCertificateStoreName parameter.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
InstallAndAddSslBinding
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-SupportedAuthenticationSchema
Specifies, in a comma-separated list, the authentication schema that the Device Health Attestation service supports. The acceptable values for this parameter are:
- AikPub
- AikCertificate
- EkCertificate
You cannot specify both AikCertificate and EkCertificate in the same command.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.