Add-AzServiceFabricClusterCertificate

Add a secondary cluster certificate to the cluster.

Syntax

Add-AzServiceFabricClusterCertificate
   [-ResourceGroupName] <String>
   [-Name] <String>
   -SecretIdentifier <String>
   [-CertificateCommonName <String>]
   [-CertificateIssuerThumbprint <String>]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Add-AzServiceFabricClusterCertificate
   [-ResourceGroupName] <String>
   [-Name] <String>
   [-KeyVaultResourceGroupName <String>]
   [-KeyVaultName <String>]
   [-CertificateOutputFolder <String>]
   [-CertificatePassword <SecureString>]
   -CertificateSubjectName <String>
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Add-AzServiceFabricClusterCertificate
   [-ResourceGroupName] <String>
   [-Name] <String>
   [-KeyVaultResourceGroupName <String>]
   [-KeyVaultName <String>]
   -CertificateFile <String>
   [-CertificatePassword <SecureString>]
   [-CertificateCommonName <String>]
   [-CertificateIssuerThumbprint <String>]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

Use Add-AzServiceFabricClusterCertificate to add a secondary cluster certificate, either from an existing Azure key vault or creating a new Azure key vault using an existing certificate provided or from a new self-signed certificate created. It will override the secondary cluster if there is any.

Examples

Example 1

Add-AzServiceFabricClusterCertificate -ResourceGroupName 'Group1' -Name 'Contoso01SFCluster' 
-SecretIdentifier 'https://contoso03vault.vault.azure.net/secrets/contoso03vaultrg/7f7de9131c034172b9df37ccc549524f'

This command will add a certificate in the existing Azure key vault as a secondary cluster certificate.

Example 2

PS c:\> $pwd = ConvertTo-SecureString -String "123" -AsPlainText -Force
PS c:\> add-AzServiceFabricClusterCertificate -ResourceGroupName 'Group2' -Name 'Contoso02SFCluster'  -CertificateSubjectName 'Contoso.com' 
-CertificateOutputFolder 'c:\test' -CertificatePassword $pwd

This command will create a self-signed certificate in the Azure key vault and upgrade the cluster to use it as a secondary cluster certificate.

Parameters

-CertificateCommonName

Certificate common name

Type:String
Aliases:CertCommonName
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-CertificateFile

The path to the existing certificate

Type:String
Aliases:Source
Position:Named
Default value:None
Accept pipeline input:True (ByValue)
Accept wildcard characters:False
-CertificateIssuerThumbprint

Certificate issuer thumbprint, separated by commas if more than one

Type:String
Aliases:CertIssuerThumbprint
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-CertificateOutputFolder

The folder where the new certificate needs to be downloaded.

Type:String
Aliases:Destination
Position:Named
Default value:None
Accept pipeline input:True (ByValue)
Accept wildcard characters:False
-CertificatePassword

The password of the certificate

Type:SecureString
Aliases:CertPassword
Position:Named
Default value:None
Accept pipeline input:True (ByValue)
Accept wildcard characters:False
-CertificateSubjectName

The subject name of the certificate

Type:String
Aliases:Subject
Position:Named
Default value:None
Accept pipeline input:True (ByValue)
Accept wildcard characters:False
-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:Microsoft.Azure.Commands.Common.Authentication.Abstractions.Core.IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-KeyVaultName

Azure key vault name, if not given it will be defaulted to the resource group name

Type:String
Position:Named
Default value:None
Accept pipeline input:True (ByValue)
Accept wildcard characters:False
-KeyVaultResourceGroupName

Azure key vault resource group name, if not given it will be defaulted to resource group name

Type:String
Aliases:KeyVaultResouceGroupName
Position:Named
Default value:None
Accept pipeline input:True (ByValue)
Accept wildcard characters:False
-Name

Specify the name of the cluster

Type:String
Aliases:ClusterName
Position:1
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-ResourceGroupName

Specify the name of the resource group.

Type:String
Position:0
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-SecretIdentifier

The existing Azure key vault secret URL, for example 'https://mykv.vault.azure.net:443/secrets/mysecrets/55ec7c4dc61a462bbc645ffc9b4b225f'

Type:String
Position:Named
Default value:None
Accept pipeline input:True (ByValue)
Accept wildcard characters:False
-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

SecureString

Outputs

PSCluster