Set-SPCertificateSettings
Configures certificate management settings.
Syntax
Set-SPCertificateSettings
[-OrganizationalUnit <String>]
[-Organization <String>]
[-Locality <String>]
[-State <String>]
[-Country <String>]
[-KeyAlgorithm <KeyAlgorithmGroup>]
[-KeySize <Int32>]
[-EllipticCurve <EllipticCurveType>]
[-HashAlgorithm <String>]
[-RsaSignaturePadding <RsaSignaturePaddingType>]
[-CertificateExpirationAttentionThreshold <Int32>]
[-CertificateExpirationWarningThreshold <Int32>]
[-CertificateExpirationErrorThreshold <Int32>]
[-AssignmentCollection <SPAssignmentCollection>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
SharePoint supports farm-wide default settings for certificate management. These include default properties for creating and renewing certificates and certificate health rule thresholds.
Examples
------------EXAMPLE-----------
Set-SPCertificateSettings -CertificateExpirationWarningThreshold 22This examples changes the certificate expiration warning threshold to 22 days. SharePoint will begin sending warnings about upcoming certificate expirations 22 days before they expire.
Parameters
-AssignmentCollection
Manages objects for the purpose of proper disposal. Use of objects, such as SPWeb or SPSite, can use large amounts of memory and use of these objects in Windows PowerShell scripts requires proper memory management. Using the SPAssignment object, you can assign objects to a variable and dispose of the objects after they are needed to free up memory. When SPWeb, SPSite, or SPSiteAdministration objects are used, the objects are automatically disposed of if an assignment collection or the Global parameter is not used.
When the Global parameter is used, all objects are contained in the global store. If objects are not immediately used, or disposed of by using the Stop-SPAssignment command, an out-of-memory scenario can occur.
| Type: | SPAssignmentCollection |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-CertificateExpirationAttentionThreshold
Specifies the number of days before a certificate expires to trigger a certificate expiration notification. This is a reminder of upcoming certificate expirations that can be handled with normal priority. A certificate will only trigger a notification when it is assigned to SharePoint objects. This notification is disabled when set to 0.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-CertificateExpirationErrorThreshold
Specifies the number of days after a certificate expired to trigger a certificate expiration alert. This is an alert about certificates that have already expired and should be handled with critical priority. A certificate will only trigger an alert when it is assigned to SharePoint objects. This alert is disabled when set to 0.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-CertificateExpirationWarningThreshold
Specifies the number of days before a certificate expires to trigger a certificate expiration warning. This is a warning of imminent certificate expirations that should be handled with high priority. A certificate will only trigger a warning when it is assigned to SharePoint objects. This warning is disabled when set to 0.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Country
The 2 letter country code where your organization is legally located. This must be an ISO 3166-1 alpha-2 country code.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-EllipticCurve
Specifies the elliptic curve of your public and private ECC keys.
Larger elliptic curves provide more cryptographic strength than smaller elliptic curves, but they're also more computationally expensive and take more time to complete the SSL/TLS connection. Select nistP256 if you're unsure which elliptic curve to use. Elliptic curves larger than nistP384 are not recommended.
| Type: | EllipticCurveType |
| Accepted values: | Default, nistP256, nistP384, nistP521 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-HashAlgorithm
Specifies the hash algorithm of your certificate signature, which your certificate authority will use to verify that your certificate request hasn't been tampered with.
Larger hash algorithms provide more cryptographic strength than smaller hash algorithms, but they're also more computationally expensive. Select SHA256 if you're unsure which hash algorithm to use. Hash algorithms larger than SHA384 are not recommended.
| Type: | String |
| Accepted values: | Default, SHA256, SHA384, SHA512 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-KeyAlgorithm
Specifies the key algorithm for your certificate. This choice will be used for both the public key and the private key of your certificate.
RSA is the most common and widely supported key algorithm for certificates. Select the RSA algorithm if you're unsure which type of key your certificate authority supports.
ECC uses elliptic curve cryptography based on ECDSA keys with NIST P-256, P-384, or P-521 curves. SSL/TLS connections are faster to complete with ECC certificates than RSA certificates at the equivalent security strength. Verify that your certificate authority supports ECC certificates before selecting it.
| Type: | KeyAlgorithmGroup |
| Accepted values: | ECC, RSA |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-KeySize
Specifies the size of your public and private RSA keys in bits.
Larger key sizes provide more cryptographic strength than smaller key sizes, but they're also more computationally expensive and take more time to complete the SSL/TLS connection. Select 2048 if you're unsure which key size to use. Key sizes larger than 4096 are not recommended.
| Type: | Int32 |
| Accepted values: | 0, 2048, 4096, 8192, 16384 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Locality
The name of the city or locality where your organization is legally located. Do not abbreviate the name.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Organization
The legally registered name of your organization or company.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-OrganizationalUnit
The name of your department within your organization or company.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RsaSignaturePadding
Specifies the RSA signature padding mode for creating and renewing certificates with RSA keys. Pkcs1 represents the RSASSA-PKCS1-v1_5 padding mode. Pss represents the RSASSA-PSS padding mode. The default RSA signature padding mode is Pkcs1.
| Type: | RsaSignaturePaddingType |
| Accepted values: | Default, Pkcs1, Pss |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-State
The name of the state or province where your organization is legally located. Do not abbreviate the name.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |