Get-CMTrustedRootCertificate

Gets a trusted root certificate for Configuration Manager.

Syntax

Get-CMTrustedRootCertificate
   [-CAServerName <String>]
   [-DisableWildcardHandling]
   [-ForceWildcardHandling]
   [<CommonParameters>]

Description

The Get-CMTrustedRootCertificate cmdlet gets a trusted root certificate for Microsoft System Center Configuration Manager. For native mode communication, System Center Configuration Manager authenticates, encrypts, and signs communications based on public key infrastructure (PKI) keys that depend on trusted root certificate. Devices that communicate by using certificates must have a root certificate in common. Devices in your System Center Configuration Manager hierarchy might have different root certificates. If so, install all necessary trusted root certificates.

Computers that run the Windows operating system, as well as many other devices, rely on some well-known third-party root certificates. If you deploy your own PKI, install the required root certificate.

Examples

Example 1: Get a trusted root certificate

PS C:\> Get-CMTrustedRootCertificate -CertificationAuthorityServerName "ContosoCA.Contoso.com"

This command gets a trusted root certificate from the internal server named ContosoCA.Contoso.com.

Optional Parameters

-CAServerName
Type:String
Aliases:CertificationAuthorityServerName
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-DisableWildcardHandling

DisableWildcardHandling treats wildcard characters as literal character values. Cannot be combined with ForceWildcardHandling.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ForceWildcardHandling

ForceWildcardHandling processes wildcard characters and may lead to unexpected behavior (not recommended). Cannot be combined with DisableWildcardHandling.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False