Set-HgsKeyProtectionConfiguration
Modifies the configuration of the Key Protection Service.
Syntax
CertificateReference (Default)
Set-HgsKeyProtectionConfiguration
-CommunicationsCertificateThumbprint <String>
[-NoCommunicationsCertificateReplication]
[-Force]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
FullCertificate
Set-HgsKeyProtectionConfiguration
-CommunicationsCertificatePath <String>
[-CommunicationsCertificatePassword <SecureString>]
[-Force]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The Set-HgsKeyProtectionConfiguration cmdlet assigns a communication certificate to the Key Protection Service that runs on the local computer. The Key Protection Service uses the communication certificate to sign the metadata document that the service provides.
Examples
Example 1: Assign a certificate to be the communication certificate
PS C:\> Set-HgsKeyProtectionConfiguration -CommunicationsCertificateThumbprint "d39203a3b3544743ad552afe0615dc1f" -Force
This command assigns the certificate that has the specified thumbprint to be the communication certificate for the Key Protection Service. The command specifies the Force, and so, it does not prompt you for confirmation.
Example 2: Assign a certificate file to be the communications certificate
PS C:\> Set-HgsKeyProtectionConfiguration -CommunicationsCertificatePath "C:\example.pfx"
Set-HgsKeyProtectionConfiguration -CommunicationsCertificateThumbprint "d39203a3b3544743ad552afe0615dc1f" -Force
This command assigns a certificate file to be the communications certificate for the Key Protection Service.
Example 3: Assign a certificate file with a password to be the communications certificate
PS C:\> Set-HgsKeyProtectionConfiguration -CommunicationsCertificatePath "C:\example.pfx" -CommunicationsCertificatePassword $Password
This command assigns a password-protected certificate file to be the communications certificate for the Key Protection Service. The certificate password is stored as a SecureString in the $Password variable.
Parameters
-CommunicationsCertificatePassword
Specifies the password which protects a certificate file. If the certificate file is protected by a password, you must specify this value.
Parameter properties
| Type: | SecureString |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
FullCertificate
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-CommunicationsCertificatePath
Specifies the path to the certificate which will be added to the Key Protection Service as the communications certificate.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
FullCertificate
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-CommunicationsCertificateThumbprint
Specifies the thumbprint of the new communications certificate. Before you run this cmdlet, the certificate that this parameter specifies needs to already be in the LocalMachine\My certificate store.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
CertificateReference
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Force
Forces the command to run without asking for user confirmation.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-NoCommunicationsCertificateReplication
The Set-HgsKeyProtectionConfiguration cmdlet assigns a communication certificate to the Key Protection Service that runs on the local computer. The Key Protection Service uses the communication certificate to sign the metadata document that the service provides.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
CertificateReference
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
None
You cannot pipe input to this cmdlet.
Outputs
None
This cmdlet does not generate any output.