New-AzVpnClientRevokedCertificate
Creates a new VPN client-revocation certificate.
Syntax
New-AzVpnClientRevokedCertificate
-Name <String>
-Thumbprint <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Description
The New-AzVpnClientRevokedCertificate cmdlet creates a new virtual private network (VPN) client-revocation certificate for use on a virtual network gateway.
Client-revocation certificates prevent client computers from using the specified certificate for authentication.
This cmdlet creates a stand-alone certificate that is not assigned to a virtual gateway.
Instead, the certificate created by New-AzVpnClientRevokedCertificate is used in conjunction with the New-AzVirtualNetworkGateway cmdlet when it creates a new gateway.
For instance, suppose you create a new certificate and store it in a variable named $Certificate.
You can then use that certificate object when you create a new virtual gateway.
For instance,
New-AzVirtualNetworkGateway -Name "ContosoVirtualGateway" -ResourceGroupName "ContosoResourceGroup" -Location "West US" -GatewayType "VPN" -IpConfigurations $Ipconfig -VPNType "RouteBased" -VpnClientRevokedCertificates $Certificate
For more information, see the documentation for the New-AzVirtualNetworkGateway cmdlet.
Examples
Example 1: Create a new client-revoked certificate
$Certificate = New-AzVpnClientRevokedCertificate -Name "ContosoClientRevokedCertificate" -Thumbprint "E3A38EBA60CAA1C162785A2E1C44A15AD450199C3"This command creates a new client-revoked certificate and stores the certificate object in a variable named $Certificate. This variable can then be used by the New-AzVirtualNetworkGateway cmdlet to add the certificate to a new virtual network gateway.
Parameters
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure.
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Name
Specifies a unique name for the new client-revocation certificate.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Thumbprint
Specifies the unique identifier of the certificate being added.
You can return thumbprint information for your certificates by using a Windows PowerShell command similar to this:
Get-ChildItem -Path Cert:\LocalMachine\Root
The preceding command returns information for all the Local Computer certificates found in the Root certificate store.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
None
