Set-ADFSCertificate
Set-ADFSCertificate
Sets the properties of an existing certificate that the Federation Service uses to sign, decrypt, or secure communications.
Syntax
Set-ADFSCertificate -CertificateType <string> -Thumbprint <string> [-IsPrimary <switch>] [-PassThru <switch>] [-Confirm] [-WhatIf] [<CommonParameters>]
CertificateType
Thumbprint
IsPrimary
PassThru
Confirm
WhatIf
Detailed Description
The Set-ADFSCertificate cmdlet sets the properties of an existing certificate that the Federation Service uses to sign, decrypt, or secure communications.
Parameters
CertificateType
Specifies the certificate type (that is, how the Federation Service uses the certificate). Accepted values are Service-Communications, Token-Encryption, and Token-Signing.
Default Value: **
Data Type: string
Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
true |
required |
Variable Length? |
false |
variableLength |
Accept wildcard characters? |
false |
globbing |
Accept Pipeline Input? |
false |
pipelineInput |
Position? |
named |
position |
Value Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
true |
required |
Variable Length? |
false |
variableLength |
IsPrimary
Specifies whether the certificate is primary or not. Primary token-signing certificates are used to digitally sign outgoing claims. Primary token-encrypting certificates are published in federation metadata for use by trusted claims providers. Service communications certificates are always primary.
Default Value: **
Data Type: switch
Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
false |
required |
Variable Length? |
false |
variableLength |
Accept wildcard characters? |
false |
globbing |
Accept Pipeline Input? |
false |
pipelineInput |
Position? |
named |
position |
Value Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
true |
required |
Variable Length? |
false |
variableLength |
PassThru
Not Specified
Default Value: **
Data Type: switch
Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
false |
required |
Variable Length? |
false |
variableLength |
Accept wildcard characters? |
false |
globbing |
Accept Pipeline Input? |
false |
pipelineInput |
Position? |
named |
position |
Value Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
true |
required |
Variable Length? |
false |
variableLength |
Thumbprint
Specifies the thumbprint of the certificate to use.
Default Value: **
Data Type: string
Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
true |
required |
Variable Length? |
false |
variableLength |
Accept wildcard characters? |
false |
globbing |
Accept Pipeline Input? |
true (ByValue) |
pipelineInput |
Position? |
named |
position |
Value Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
true |
required |
Variable Length? |
false |
variableLength |
Confirm
Prompts you for confirmation before executing the command.
Default Value: **
Data Type: SwitchParameter
Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
false |
required |
Variable Length? |
true |
variableLength |
Accept wildcard characters? |
false |
globbing |
Accept Pipeline Input? |
false |
pipelineInput |
Position? |
named |
position |
Value Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
false |
required |
Variable Length? |
false |
variableLength |
WhatIf
Describes what would happen if you executed the command without actually executing the command.
Default Value: **
Data Type: SwitchParameter
Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
false |
required |
Variable Length? |
true |
variableLength |
Accept wildcard characters? |
false |
globbing |
Accept Pipeline Input? |
false |
pipelineInput |
Position? |
named |
position |
Value Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
false |
required |
Variable Length? |
false |
variableLength |
Input Type
Microsoft.IdentityServer.PowerShell.Resources.ServiceCertificate
A class structure that represents a service certificate.
Return Type
None
Notes
- You can modify the certificates that are associated with a relying party or a claims provider by using Set-ADFSRelyingPartyTrust or Set-ClaimsProviderTrust, as appropriate.
Examples
-------------------------- EXAMPLE 1 --------------------------
Command Prompt: C:\PS>
Set-ADFSCertificate -IsPrimary -CertificateType Token-Signing -Thumbprint fedd995b45e633d4ef30fcbc8f3a48b627e9a28b
Description
-----------
Sets the primary token-signing certificate.
See Also
Reference
Add-ADFSCertificate
Get-ADFSCertificate
Remove-ADFSCertificate
Update-ADFSCertificate