Set-DHASCertificateChainPolicy
Sets certificate chain policy.
Syntax
SetCertificateChainPolicy (Default)
Set-DHASCertificateChainPolicy
[-CertificateChainPolicy] <CertificateChainPolicy>
[-Force]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
SetCertificateChainPolicyComponents
Set-DHASCertificateChainPolicy
-RevocationFlag <String>
-RevocationMode <String>
-VerificationFlags <String>
-UrlRetrievalTimeout <String>
[-Force]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The Set-DHASCertificateChainPolicy cmdlet sets the certificate chain policy that the Device Health Attestation service enforces. The certificate chain policy specifies parameters for certificate chain verification and revocation behavior.
You can specify a CertificateChainPolicy object to use as input, or alternatively, you can specify the components that comprise a CertificateChainPolicy. The components to specify as input are:
- RevocationFlag.
- RevocationMode.
- VerificationFlags.
- UrlRetrievalTimeout.
You must have administrator rights to run this cmdlets.
Examples
Example 1: Set certificate chain policy with a CertificateChainPolicy object
PS C:\> $policy = Get-DHASCertificateChainPolicy
PS C:\> $policy.RevocationFlag = "ExcludeRoot"
PS C:\> Set-DHASCertificateChainPolicy -CertificateChainPolicy $policy
The first command gets the CertificateChainPolicy object, and then stores it in the $policy variable.
The second command sets the RevocationFlag property of the policy to ExcludeRoot.
The third command sets the policy to include the new value for RevocationFlag.
Example 2: Set certificate chain policy with its components
PS C:\> Set-DHASCertificateChainPolicy -RevocationFlag "ExcludeRoot" -RevocationMode "NoCheck" -VerificationFlags "NoFlag" -UrlRetrievalTimeout "00:01:00"
This command modifies the certificate chain policy by specifying a value for each of its components.
Parameters
-CertificateChainPolicy
Specifies the certificate chain policy to use.
Parameter properties
| Type: | CertificateChainPolicy |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
SetCertificateChainPolicy
| Position: | 0 |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Force
Forces the command to run without asking for user confirmation.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-RevocationFlag
Specifies a .NET X509RevocationFlag enumeration.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
SetCertificateChainPolicyComponents
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-RevocationMode
Specifies a .NET X509RevocationMode enumeration.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
SetCertificateChainPolicyComponents
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-UrlRetrievalTimeout
Specifies a .NET TimeSpan structure.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
SetCertificateChainPolicyComponents
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-VerificationFlags
Specifies a .NET X509VerificationFlags enumeration.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
SetCertificateChainPolicyComponents
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.