Set-AdfsCertificate
Sets the properties of an existing certificate that AD FS uses to sign, decrypt, or secure communications.
Syntax
Set-AdfsCertificate
-CertificateType <String>
-Thumbprint <String>
[-IsPrimary]
[-PassThru]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The Set-AdfsCertificate cmdlet sets the properties of an existing certificate that Active Directory Federation Services (AD FS) uses to sign, decrypt, or secure communications.
Examples
Example 1: Set a certificate
PS C:\> Set-AdfsCertificate -IsPrimary -CertificateType "Token-Signing" -Thumbprint "fedd995b45e633d4ef30fcbc8f3a48b627e9a28b"
This command sets the primary token-signing certificate.
Parameters
-CertificateType
Specifies the certificate type (that is, how the Federation Service uses the certificate). The acceptable values for this parameter are:
- Service-Communications
- Token-Decrypting
- Token-Signing
Type: | String |
Accepted values: | Service-Communications, Token-Decrypting, Token-Signing |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IsPrimary
Indicates that the certificate is primary. Primary token-signing certificates are used to digitally sign outgoing claims. Primary token-encrypting certificates are published in federation metadata for use by trusted claims providers. Information Card signing and service communications certificates are always primary.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PassThru
Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Thumbprint
Specifies the thumbprint of the certificate to use.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
A String object is received by the Thumbprint parameter.
Outputs
Microsoft.IdentityServer.PowerShell.Resources.ServiceCertificate
Returns the updated ServiceCertificate object when the PassThru parameter is specified. By default, this cmdlet does not generate any output.
Notes
- Use the Set-AdfsRelyingPartyTrust or Set-AdfsClaimsProviderTrust cmdlets, as appropriate, to modify the certificates that are associated with a relying party or a claims provider.
Related Links
Commentaires
https://aka.ms/ContentUserFeedback.
Bientôt disponible : Tout au long de 2024, nous allons supprimer progressivement GitHub Issues comme mécanisme de commentaires pour le contenu et le remplacer par un nouveau système de commentaires. Pour plus d’informations, consultezEnvoyer et afficher des commentaires pour