Add-ADFSCertificate
Add-ADFSCertificate
Adds a new certificate to the Federation Service for signing, decrypting, or securing communications.
Syntax
Parameter Set: Default
Add-ADFSCertificate -CertificateType <String> -Thumbprint <String> [-IsPrimary] [-PassThru] [-Confirm] [-WhatIf] [ <CommonParameters>]
Detailed Description
The Add-ADFSCertificate cmdlet adds a new certificate to the Federation Service for token signing, token decrypting, card signing or securing communications.
Parameters
-CertificateType<String>
Specifies the type and purpose of the certificate. Possible certificate types include the following:
Token-Signing, Token-Encryption or Service-Communications.
Aliases |
none |
Required? |
true |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-IsPrimary
Specifies whether the certificate is primary or not. Primary token-signing certificates are used to digitally sign outgoing claims. Primary token-encrypting certificates are published in federation metadata for use by trusted claims providers. Service communications certificates are always primary certificates.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-PassThru
Passes an object to the pipeline. By default, this cmdlet does not generate any output.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Thumbprint<String>
Specifies the thumbprint of the certificate to use.
Aliases |
none |
Required? |
true |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true (ByValue) |
Accept Wildcard Characters? |
false |
-Confirm
Prompts you for confirmation before running the cmdlet.
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
<CommonParameters>
This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).
Inputs
The input type is the type of the objects that you can pipe to the cmdlet.
- None
Outputs
The output type is the type of the objects that the cmdlet emits.
- None
Notes
- Active Directory Federation Services (AD FS) 2.0 uses certificates for issuing and receiving tokens, publishing federation metadata and communicating through Secure Sockets Layer (SSL).
Examples
-------------------------- EXAMPLE 1 --------------------------
Description
-----------
Adds a token-signing certificate with the thumbprint fedd995b45e633d4ef30fcbc8f3a48b627e9a28b.
C:\PS>Add-ADFSCertificate -CertificateType "Token-Signing" -Thumbprint fedd995b45e633d4ef30fcbc8f3a48b627e9a28b