Enable-TlsSessionTicketKey
Configures a TLS server with a TLS session ticket key.
Enable-TlsSessionTicketKey
[-ServiceAccountName] <NTAccount>
[-Path] <String>
[-Password] <SecureString>
[-Force]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
The Enable-TlsSessionTicketKey
cmdlet configures a Transport Layer Security (TLS) server with an
administrator-managed TLS session ticket key, created with New-TlsSessionTicketKey, and configures
the rule that uses the key for the application service account. For example, Internet Information
Services (IIS) runs under System account so the _ServiceAccountName parameter should be System.
TLS creates a session ticket by using the TLS Session Resumption without Server-Side State mechanism.
For more information, see New-TlsSessionTicketKey or type Get-Help New-TlsSessionTicketKey
.
$Password = Read-Host -AsSecureString
Enable-TlsSessionTicketKey -Password $Password -Path 'C:\KeyConfig\TlsSessionTicketKey.config' -ServiceAccountName NetworkService
The second command configures the session ticket key for the TLS server. The command specifies the
path for the configuration file on the TLS server, and specifies that the TLS session use the
password stored in $Password
to access the configuration file and configure the key for the
specified service account.
$Password = Read-Host -AsSecureString
Enable-TlsSessionTicketKey -Password $Password -Path 'C:\KeyConfig\TlsSessionTicketKey.config' -ServiceAccountName System
The second command configures the session ticket key for the TLS server. The command specifies the
path for the configuration file on the TLS server, and specifies that the TLS session use the
password stored in $Password
to access the configuration file and configure the key for the
specified service account.
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Forces the command to run without asking for user confirmation.
If you specify this parameter, the cmdlet overwrites the existing session ticket key and configuration.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies the password, as a secure string, for the configuration file of the TLS server.
Type: | SecureString |
Position: | 1 |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
Specifies the path of the configuration file for the TLS server.
Type: | String |
Aliases: | FullName |
Position: | 2 |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
Specifies the name of a service account. The cmdlet configures the TLS session ticket key for the service account. Only System, LocalService, NetworkService, and SID of virtual accounts are supported.
Type: | NTAccount |
Position: | 3 |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |