description | external help file | Module Name | ms.date | online version | schema | title |
---|---|---|---|---|---|---|
Use this topic to help manage Windows and Windows Server technologies with Windows PowerShell. |
Microsoft.Windows.KpsServer.Administration.dll-Help.xml |
HgsKeyProtection |
12/20/2016 |
2.0.0 |
Get-HgsKeyProtectionCertificate |
Gets key certificates in the Key Protection Service.
Get-HgsKeyProtectionCertificate [-CertificateType <KeyCertificateType>] [-IsEnabled <Boolean>]
[-IsPrimary <Boolean>] [<CommonParameters>]
Get-HgsKeyProtectionCertificate -CertificateType <KeyCertificateType> -Thumbprint <String> [<CommonParameters>]
The Get-HgsKeyProtectionCertificate cmdlet gets key certificates in the Key Protection Service.
PS C:\> Get-HgsKeyProtectionCertificate
This command gets all key certificates from the Key Protection Service.
PS C:\> Get-HgsKeyProtectionCertificate -CertificateType Encryption -Thumbprint "a17dd68f4ecc499bbe65ee18718123da"
This command gets a key certificate that has the specified type and thumbprint.
PS C:\> Get-HgsKeyProtectionCertificate -IsEnabled $True -IsPrimary $False
This command gets all key certificates that are enabled but not primary.
Specifies of the type of the certificate that this cmdlet gets. The acceptable values for this parameter are:The acceptable values for this parameter are:
- Signing
- Encryption
If you do not specify this parameter, the cmdlet gets both signing and encryption certificates.
Type: KeyCertificateType
Parameter Sets: GetMultipleCerts
Aliases:
Accepted values: Signing, Encryption
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Type: KeyCertificateType
Parameter Sets: GetOneCert
Aliases:
Accepted values: Signing, Encryption
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies whether to get enabled or disabled key certificates. Specify a value of $True to get only enabled certificates. Specify a value of $False to get only disabled certificates. If you do not specify this parameter, the cmdlet gets both enabled and disabled certificates.
Type: Boolean
Parameter Sets: GetMultipleCerts
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies whether to get the primary key certificate. Specify a value of $True to get only the primary certificate. Specify a value of $False to get only certificates that are not primary. If you do not specify this parameter, the cmdlet gets both primary and not primary certificates.
Type: Boolean
Parameter Sets: GetMultipleCerts
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies the thumbprint of the certificate to get. If you specify this parameter, you must also specify the CertificateType parameter.
Type: String
Parameter Sets: GetOneCert
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
You cannot pipe input to this cmdlet.
This cmdlet returns a key certificate. The object contains the following fields:
- Thumbprint. The thumbprint of the certificate.
- CertificateType. The type of the certificate. Valid values are: Encryption and Signing.
- Enabled. Whether the certificate is enabled.
- Primary. Whether this certificate is the primary certificate.
- Certificate. The full X509Certificate2 object associated with this key certificate.
Add-HgsKeyProtectionCertificate