Switch-Certificate
Marks one certificate as having been replaced by another certificate.
Syntax
Switch-Certificate
[-NotifyOnly]
[-NewCert] <Certificate>
[-OldCert] <Certificate>
[-WhatIf]
[-Confirm]
[<CommonParameters>]Description
The Switch-Certificate cmdlet marks one certificate as having been replaced by another
certificate. This cmdlet triggers a replace certificate notification and optionally sets the renewal
property on the certificate being replaced.
Examples
EXAMPLE 1
$params = @{
OldCert = 'Cert:\LocalMachine\My\E42DBC3B3F2771990A9B3E35D0C3C422779DACD7'
NewCert = 'Cert:\LocalMachine\My\4A346B4385F139CA843912D358D765AB8DEE9FD4'
}
Switch-Certificate @paramsThis example sets the renewal property of the certificate with the thumbprint E42DBC3B3F2771990A9B3E35D0C3C422779DACD7 as renewed by the certificate with the thumbprint 4A346B4385F139CA843912D358D765AB8DEE9FD4 and generates a replace certificate notification.
EXAMPLE 2
Set-Location -Path cert:\LocalMachine\My
$oldCert = Get-ChildItem -Path E42DBC3B3F2771990A9B3E35D0C3C422779DACD7
$newCert = Get-ChildItem -Path 4A346B4385F139CA843912D358D765AB8DEE9FD4
Switch-Certificate -OldCert $oldCert -NewCert $newCert -NotifyOnlyThis example locates two certificates in the machine MY store and assigns them the variables
$oldCert and $newCert. This cmdlet then generates a replacement notification without changing a
renewal property of the old certificate.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-NewCert
Specifies an X509 certificate or a certificate path for the certificate that replaces the certificate specified with the OldCert parameter.
| Type: | Microsoft.CertificateServices.Commands.Certificate |
| Position: | 1 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-NotifyOnly
Creates a replacement certificate notification without replacing the NewCert parameter with the
OldCert parameter. This mode is useful when testing a script that was registered with the
New-CertificateNotificationTask cmdlet.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-OldCert
Specifies an X509 certificate or a certificate path in the certificate provider for the certificate to be replaced.
| Type: | Microsoft.CertificateServices.Commands.Certificate |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Microsoft.CertificateServices.Commands.Certificate
The Certificate object can either be provided as a Path object to a certificate or an X509Certificate2 object.
Outputs
None