Set-ADFSCertificate
Set-ADFSCertificate
Sets the properties of an existing certificate that the Federation Service uses to sign, decrypt, or secure communications.
Syntax
Parameter Set: Default
Set-ADFSCertificate -CertificateType <String> -Thumbprint <String> [-IsPrimary] [-PassThru] [-Confirm] [-WhatIf] [ <CommonParameters>]
Detailed Description
The Set-ADFSCertificate cmdlet sets the properties of an existing certificate that the Federation Service uses to sign, decrypt, or secure communications.
Parameters
-CertificateType<String>
Specifies the certificate type (that is, how the Federation Service uses the certificate). Accepted values are Infocard-Signing, Service-Communications, Token-Encryption, and Token-Signing.
Aliases |
none |
Required? |
true |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-IsPrimary
Specifies whether the certificate is primary or not. Primary token-signing certificates are used to digitally sign outgoing claims. Primary token-encrypting certificates are published in federation metadata for use by trusted claims providers. Information Card signing and service communications certificates are always primary.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-PassThru
Not Specified
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Thumbprint<String>
Specifies the thumbprint of the certificate to use.
Aliases |
none |
Required? |
true |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true (ByValue) |
Accept Wildcard Characters? |
false |
-Confirm
Prompts you for confirmation before running the cmdlet.
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
<CommonParameters>
This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).
Inputs
The input type is the type of the objects that you can pipe to the cmdlet.
Microsoft.IdentityServer.PowerShell.Resources.ServiceCertificate
A class structure that represents a service certificate.
Outputs
The output type is the type of the objects that the cmdlet emits.
- None
Notes
- You can modify the certificates that are associated with a relying party or a claims provider by using Set-ADFSRelyingPartyTrust or Set-ClaimsProviderTrust, as appropriate.
Examples
-------------------------- EXAMPLE 1 --------------------------
Description
-----------
Sets the primary token-signing certificate.
C:\PS>Set-ADFSCertificate -IsPrimary -CertificateType Token-Signing -Thumbprint fedd995b45e633d4ef30fcbc8f3a48b627e9a28b