Managing Certificates (Workflow Manager 1.0)
Updated: October 24, 2012
Several cmdlets are available for managing the certificates that secure communications for Workflow Manager.
Anytime you plan to set or change any of the certificates for a farm, you must first stop all of the nodes in the farm using the T:Microsoft.Workflow.Deployment.Commands.Stop-WFHost cmdlet, then restart each node using the T:Microsoft.Workflow.Deployment.Commands.Start-WFHost cmdlet to load the new configuration.
Specifying Workflow SSL Certificates
The Workflow Manager SSL certificate secures internal communications between nodes in the farm. You can use the T:Microsoft.Workflow.Deployment.Commands.Set-WFCertificate to change the certificate after the computer joins a farm.
Specifying the CertificateAutogenerationKey
The T:Microsoft.Workflow.Deployment.Commands.Set-WFCertificateAutoGenerationKey cmdlet changes the key used to secure auto generated certificates.
T:Microsoft.Workflow.Deployment.Commands.Set-WFCertificateAutoGenerationKey cmdlet re-generates the certification authority and the certificates.
Propagating Workflow Manager Certificate Changes
The T:Microsoft.Workflow.Deployment.Commands.Update-WFHost Update-WFHost cmdlet propagates any changes in farm certificates made with the Set-WFCertificate cmdlet to each machine in a farm. Use the following procedure:
Call T:Microsoft.Workflow.Deployment.Commands.Set-WFCertificate cmdlet with the new certificates.
For every machine:
Stop the workflow services on the computer by using T:Microsoft.Workflow.Deployment.Commands.Stop-WFHost.
Update the certificates on each machine in the farm by running T:Microsoft.Workflow.Deployment.Commands.Update-WFHost.
Restart the workflow services on each computer in the farm by running T:Microsoft.Workflow.Deployment.Commands.Start-WFHost.
Displaying Certificate Data
The T:Microsoft.Workflow.Deployment.Commands.Get-WFFarm cmdlet displays the configuration information from the certificates described in this section.