Set-HgsKeyProtectionCertificate

Modifies properties of a key certificate in the Key Protection Service.

Syntax

Set-HgsKeyProtectionCertificate
   -CertificateType <KeyCertificateType>
   -Thumbprint <String>
   [-IsEnabled <Boolean>]
   [-IsPrimary]
   [-Force]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The Set-HgsKeyProtectionCertificate cmdlet modifies properties of a key certificate in the Key Protection Service. You can make a certificate into the primary certificate. The primary certificate is used to sign and encrypt new key protectors. You can enable or disable a certificate. You can use enabled certificates for either signing or encryption. A disabled certificate cannot be the primary certificate.

Examples

Example 1: Disable a key certificate

PS C:\> Set-HgsKeyProtectionCertificate -CertificateType Signing -Thumbprint "a0e2650e25084961a24da956d132a5fa" -IsEnabled $False

This command disables a signing key certificate.

Example 2: Designate a certificate as the primary certificate

PS C:\> Set-HgsKeyProtectionCertificate -CertificateType Encryption -Thumbprint "a17dd68f4ecc499bbe65ee18718123da" -IsPrimary

This command designates a certificate as the primary certificate.

Required Parameters

-CertificateType

Specifies of the type of the certificate that this cmdlet modifies. The acceptable values for this parameter are:

  • Signing
  • Encryption
Type:KeyCertificateType
Parameter Sets:Signing, Encryption
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Thumbprint

Specifies the thumbprint of the certificate to modify.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Optional Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:False
Accept pipeline input:False
Accept wildcard characters:False
-Force

Forces the command to run without asking for user confirmation.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-IsEnabled

Indicates whether to enable a certificate.

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-IsPrimary

Indicates that this cmdlet makes a certificate into the primary certificate.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

None

You cannot pipe input to this cmdlet.

Outputs

None

This cmdlet does not generate any output.