Remove-CAAuthorityInformationAccess

Removes AIA or OCSP URI from the AIA extension set on the certification authority.

Syntax

Remove-CAAuthorityInformationAccess
      [-Uri] <String>
      [-AddToCertificateAia]
      [-Force]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Remove-CAAuthorityInformationAccess
      [-Uri] <String>
      [-AddToCertificateOcsp]
      [-Force]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Description

The Remove-CAAuthorityInformationAccess cmdlet removes the Authority Information Access (AIA) or Online Certificate Status Protocol (OCSP) uniform resource information (URI) from the AIA extension set on the certification authority.

Examples

Example 1: Remove AIA for a specified URI

PS C:\> Remove-CAAuthorityInformationAccess -Uri "http://www.contoso.com/pki/orca1.crt" -AddToCertificateAia

This command removes AIA for the specified URI named http://www.contoso.com/pki/orca1.crt.

Example 2: Remove OCSP for a specified URI

PS C:\> Remove-CAAuthorityInformationAccess -Uri "http://www.cpandl.com/ocsp/" -AddToCertificateOcsp

This command removes the OCSP for the specified URI named http://www.cpandl.com/ocsp.

Example 3: Remove all AIA and OCSP entries for a specified URI

PS C:\> Remove-CAAuthorityInformationAccess -Uri "http://www.contoso.com/pki/orca1.crt"

This command removes all AIA and OCSP entries that match the URL http://www.contoso.com/pki/orca1.crt.

Example 4: Remove all AIA entries

$AIA = Get-CAAuthorityInformationAccess
$AIA | Remove-CAAuthorityInformationAccess

This example removes all AIA entries

The first command gets the certificate authority information and stores the information in the variable named $AIA.

The second command removes all the AIA entries that are stored in the $AIA variable.

Parameters

-AddToCertificateAia

Indicates that the cmdlet adds the AIA URI.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-AddToCertificateOcsp

Indicates that the cmdlet adds an Online Responder's URI.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Force

Forces the command to run without asking for user confirmation.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Uri

Specifies the URI from where the certificate for the CA can be downloaded or the online responder information can be obtained. This information is added to the CA properties and registry.

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

SwitchParameter

Outputs

Microsoft.CertificateServices.Administration.Commands.CA.AuthorityInformationAccessResult

Notes

  • You must be a member of Enterprise Admins group to successfully run this command.