Set-RDCertificate

Imports or applies a certificate to use with an RDS role.

Syntax

Set-RDCertificate
   [-Role] <RDCertificateRole>
   [-Password <SecureString>]
   [-ConnectionBroker <String>]
   [-Force]
   [<CommonParameters>]
Set-RDCertificate
   [-Role] <RDCertificateRole>
   [-ImportPath <String>]
   [-Password <SecureString>]
   [-ConnectionBroker <String>]
   [-Force]
   [<CommonParameters>]
Set-RDCertificate
   [-Role] <RDCertificateRole>
   [-Thumbprint <String>]
   [-ConnectionBroker <String>]
   [-Force]
   [<CommonParameters>]

Description

The Set-RDCertificate cmdlet imports a certificate or applies an installed certificate to use with a Remote Desktop Services (RDS) role. You can use this cmdlet to secure an existing certificate by using a secure string supplied by the user.

Examples

Example 1: import a certificate to use with RDS

The following example imports a certificate to use with an RDS role.

PS C:\> $Password = ConvertTo-SecureString -String "Cups34Horses&&" -AsPlainText -Force PS C:\>Set-RDCertificate -Role RDRedirector -ImportPath "C:\Certificates\Redirector07.pfx" -Password $Password -ConnectionBroker "RDCB.Contoso.com"

The first part of the example uses the ConvertTo-SecureString cmdlet to create a secure string based on a string that the user supplies and stores it in the $Password variable. For more information, see ConvertTo-SecureString. You can also enter the Get-Help ConvertTo-SecureString cmdlet into your PowerShell window.

The second part of the example specifies the file name of the certificate to use for the redirector role for the RD Connection Broker named RDCB.Contoso.com. The cmdlet uses the secure string stored in the $Password variable to help secure the certificate.

Example 2: apply a secure string to a certificate

The following example cmdlet applies a new secure string to an RDS role certificate.

PS C:\> $Password = ConvertTo-SecureString -String "Wings%%83Potato" -AsPlainText -Force PS C:\>Set-RDCertificate -Role RDRedirector -Password $Password -ConnectionBroker "RDCB.Contoso.com"

The first part of the example uses the ConvertTo-SecureString cmdlet to create a secure string based on a string that the user supplies and stores it in the $Password variable.

The second part of the example uses the secure string stored in the $Password variable to secure the certificate used for the redirector role for the RD Connection Broker named RDCB.Contoso.com.

Example 3: apply an installed certificate to use with RDS

The following example applies an existing certificate to use with an RDS role.

PS C:\> Set-RDCertificate -Role RDRedirector -Thumbprint fedd995b45e633d4ef30fcbc8f3a48b627e9a28b -ConnectionBroker "RDCB.Contoso.com"

The first part of the example specifies the thumbprint of the certificate to use for the RD Connection Broker's redirector role, which in this example is named "RDCB.Contoso.com." The certificate must be installed in the "localmachine\my" store on each server running the specified RDS role. The -Thumbprint parameter is only available in Windows Server 2019.

Parameters

-ConnectionBroker

This parameter specifies the Remote Desktop Connection Broker (RD Connection Broker) server for a Remote Desktop deployment.

If you don't specify a value, the cmdlet uses the local computer's fully qualified domain name (FQDN).

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Force

This parameter performs the action without a confirmation message.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ImportPath

This parameter specifies the location of a certificate as a file that has a .pfx extension.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Password

This parameter specifies a secure string used to help secure the certificate.

See the Examples section.

Type:SecureString
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Role

This parameter specifies a certificate type associated with an RDS server role.

The acceptable values for this parameter are:

  • RDGateway
  • RDWebAccess
  • RDRedirector
  • RDPublishing
Type:RDCertificateRole
Accepted values:RDGateway, RDWebAccess, RDRedirector, RDPublishing
Position:0
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Thumbprint

This parameter specifies the thumbprint of the certificate to use. Currently, it is only available in Windows Server 2019.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Inputs

None

Outputs

System.Object