Set-HgsClientConfiguration

Modifies the configuration of a Host Guardian Service client.

Syntax

Set-HgsClientConfiguration
   [-EnableLocalMode]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Set-HgsClientConfiguration
   -KeyProtectionServerUrl <String>
   -AttestationServerUrl <String>
   -FallbackKeyProtectionServerUrl <String>
   -FallbackAttestationServerUrl <String>
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Set-HgsClientConfiguration
   -KeyProtectionServerUrl <String>
   -AttestationServerUrl <String>
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The Set-HgsClientConfiguration cmdlet modifies the configuration of a Host Guardian Service client. You can configure the client in either local mode or Host Guardian Service mode. In local mode, there is no attestation and the client keeps key material.

Examples

Example 1: Set an attestation and key protection servers

PS C:\> Set-HgsClientConfiguration -AttestationServerUrl "https://DemoHgs.Contoso.com/Attestation" -KeyProtectionServerUrl "https://DemoHgs.Contoso.com/KeyProtection"

This command configures the URLs used by the attestation client and the key protection client. Use this command to configure the local host to run in Host Guardian Service mode.

Example 2: Change the mode to Local

PS C:\> Set-HgsClientConfiguration -EnableLocalMode

This command changes the Host Guardian Service client from Host Guardian Service mode to Local mode. This command resets the attestation server URL and the key protection server URL.

Parameters

-AttestationServerUrl

Specifies the URL of an attestation server. A Host Guardian Service client in Secure Hosting Service mode uses the server that this parameter specifies.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EnableLocalMode

Indicates that this cmdlet changes the mode of client from Host Guardian Service to Local mode. A change in mode to Local resets the attestation server and key protection server URLs.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-FallbackAttestationServerUrl

Specifies the URL of an attestation server to use if the primary attestation server cannot be reached.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-FallbackKeyProtectionServerUrl

Specifies the URL of a key protection server to use if the primary attestation server cannot be reached.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-KeyProtectionServerUrl

Specifies the URL of a key protection server. A Host Guardian Service client in Secure Hosting Service mode uses the server that this parameter specifies.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Outputs

CimInstance

An HGS client configuration object containing information about the operating mode, configured URLs, and result of the most recent attestation attempt, if applicable.