Certificates Command
You can use the Certificates command to change how certificates are configured for client authentication in a deployment of Visual Studio Team Foundation Server (TFS) that utilizes HTTPS, secure sockets layer (SSL), and certificates. By default, the Certificates command will automatically select a client certificate from the certificate list for the current user. However, you can use the options for the command to specify a specific certificate or certificates from the current user context or from the local machine context.
Before you use the Certificates command, you must first configure the servers in your deployment of TFS to utilize certificates. For more information, see Setting up HTTPS with Secure Sockets Layer (SSL) for Team Foundation Server.
Required Permissions
To use the Certificates command, you must be a member of the Team Foundation Administrators security group and the local Administrators group on the computer from which you run the command. For more information, see Team Foundation Server Permissions.
Note
Even if you log on with administrative credentials, you must open an elevated Command Prompt window to perform this function.
TFSConfig Certificates [/machine] [/disable] [/autoSelect] [/noprompt] [/thumbprints:thumbprint1[,thumbprint2,...]]
Parameters
Placeholder |
Description |
---|---|
Thumbprint |
Specifies the hexadecimal string that contains the secure hash algorithm (SHA) in SHA-1 hash form of the certificate that you want to use. For more information about how to find the thumbprint for a certificate, see the following page on the Microsoft Web site: How to: Retrieve the Thumbprint of a Certificate. |
Option |
Description |
---|---|
/machine |
Specifies that the certificate list will be from the local machine context instead of the current user context. |
/disable |
Specifies that the client authentication certificate setting will be disabled. |
/autoSelect |
Specifies that a certificate will be automatically selected from the certificate list. The Manage Client Certificates window will not open. |
/noprompt |
Specifies that the Manage Client Certificates window will not open when the Certificates command is run. |
/thumbprints:thumbprint |
Specifies that the certificate that matches the specified thumbprint will be used. You can specify more than one certificate by separating individual thumbprints with a comma. |
Remarks
You use the Certificates command to configure the client certificates that are used by a deployment of TFS that has been configured to use HTTPS/SSL and certificates. If you use the Certificates command with no options, a client certificate will be automatically selected from the current user context from which you run the command.
Example
The following example shows how to specify the local machine certificate that has the thumbprint "aa bb cc dd ee" with no prompting.
Note
The examples are for illustration only and are fictitious. No real association is intended or inferred.
TFSConfig Certificates /machine /thumbprint:aa bb cc dd ee /noprompt
The following example shows how to specify using automatic selection of a client certificate from the current user store.
TFSConfig Certificates /autoselect
See Also
Concepts
Team Foundation Server Architecture