HelpCache/Microsoft.CertificateServices.PKIClient.Cmdlets.dll-help.xml
<?xml version = "1.0" encoding = "utf-8" ?>
<helpItems schema="maml"> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Add-CertificateEnrollmentPolicyServer</command:name><maml:description><maml:para>Adds an enrollment policy server to the current user or local system configuration.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Add</command:verb><command:noun>CertificateEnrollmentPolicyServer</command:noun><dev:version /></command:details><maml:description><maml:para>The Add-CertificateEnrollmentPolicyServer cmdlet adds an enrollment policy server to the current user or local system configuration. If an enrollment policy server already exists, then this cmdlet will overwrite it. Group Policy can be configured to prevent enrollment policy servers from being added.</maml:para><maml:para>Delegation may be required when using this cmdlet with Windows PowerShell® remoting and changing user configuration.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Add-CertificateEnrollmentPolicyServer</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>AutoEnrollmentEnabled</maml:name><maml:description><maml:para>Enables auto-enrollment for the policy server being added.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Credential</maml:name><maml:description><maml:para>Specifies the credential used to authenticate to the policy server. This credential can be a PSCredential object, which is a username and password, an x509 certificate, or a path to an x509 certificate. Kerberos authentication is used if no credential is specified.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">PkiCredential</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>NoClobber</maml:name><maml:description><maml:para>Prevents an enrollment policy server from overwriting an existing one.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>RequireStrongValidation</maml:name><maml:description><maml:para>Specifies that the certificate obtained through this enrollment policy server must be trusted on the client.</maml:para></maml:description></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>context</maml:name><maml:description><maml:para>Stores information about the policy server in the configuration for the Current User or Local computer.</maml:para></maml:description><command:parameterValueGroup><command:parameterValue required="true" variableLength="false">Machine</command:parameterValue><command:parameterValue required="true" variableLength="false">User</command:parameterValue></command:parameterValueGroup></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByValue, ByPropertyName)" position="named" aliases=""><maml:name>Url</maml:name><maml:description><maml:para>Identifies the uniform resource locator (URL) of the enrollment policy server to configure.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Uri</command:parameterValue></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>AutoEnrollmentEnabled</maml:name><maml:description><maml:para>Enables auto-enrollment for the policy server being added.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>context</maml:name><maml:description><maml:para>Stores information about the policy server in the configuration for the Current User or Local computer.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Context</command:parameterValue><dev:type><maml:name>Context</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Credential</maml:name><maml:description><maml:para>Specifies the credential used to authenticate to the policy server. This credential can be a PSCredential object, which is a username and password, an x509 certificate, or a path to an x509 certificate. Kerberos authentication is used if no credential is specified.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">PkiCredential</command:parameterValue><dev:type><maml:name>PkiCredential</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>NoClobber</maml:name><maml:description><maml:para>Prevents an enrollment policy server from overwriting an existing one.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>RequireStrongValidation</maml:name><maml:description><maml:para>Specifies that the certificate obtained through this enrollment policy server must be trusted on the client.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByValue, ByPropertyName)" position="named" aliases=""><maml:name>Url</maml:name><maml:description><maml:para>Identifies the uniform resource locator (URL) of the enrollment policy server to configure.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Uri</command:parameterValue><dev:type><maml:name>Uri</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>Microsoft.CertificateServices.Commands.EnrollmentPolicyServer</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The EnrollmentPolicyServer object contains information about the certificate enrollment policy.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>Microsoft.CertificateServices.Commands.EnrollmentPolicyServer</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The EnrollmentPolicyServer object contains information about the certificate enrollment policy.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Add-CertificateEnrollmentPolicyServer -Url $url -Context Machine </dev:code><dev:remarks><maml:para>This example loads a policy from $url using Windows integrated authentication under the computer context, using the computer account credentials. This example also adds the policy server to the local computer configuration. Auto enrollment is off and strong validation is off.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 2</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$cert = ( Get-ChildItem -Path cert:\LocalMachine\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF ) PS C:\>Add-CertificateEnrollmentPolicyServer -Url $cert.EnrollmentPolicyEndPoint.Url -Credential $cert -Context Machine </dev:code><dev:remarks><maml:para>This example loads a policy using $cert as the authentication credential and adds the policy to the local computer local configuration since the context is the local computer (Machine).</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 3</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$up = Get-Credential PS C:\>Add-CertificateEnrollmentPolicyServer -Url $url -Context Machine -Credential $up </dev:code><dev:remarks><maml:para>This example loads a policy using the username and password from $url. This example adds the policy server to the local computer configuration.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 4</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$cert = (Get-ChildItem -Path cert:\CurrentUser\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF) PS C:\>Add-CertificateEnrollmentPolicyServer -Url $cert.EnrollmentPolicyEndPoint.Url -Credential $cert.PSPath -Context Machine </dev:code><dev:remarks><maml:para>This example loads policy using the Path object for a certificate. Use the certificate to authenticate to the URL and add the policy server into the local user configuration.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 5</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$up = Get-Credential PS C:\>Add-CertificateEnrollmentPolicyServer -Url $url -Context User -Credential $up –WhatIf What if: Policy successfully loaded from {$url} using username/password credentials. Policy server configuration will be added to current user context. </dev:code><dev:remarks><maml:para>This example shows that if the policy cannot be loaded or if there is a conflict with an identifier (ID) or URL, then this will be the output. If the policy server already exists, then the output will state that the existing policy server configuration will be overwritten. </maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287525</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-ChildItem</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-Credential</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-CertificateEnrollmentPolicyServer</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Remove-CertificateEnrollmentPolicyServer</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Export-Certificate</command:name><maml:description><maml:para>Exports a certificate from a certificate store into a file.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Export</command:verb><command:noun>Certificate</command:noun><dev:version /></command:details><maml:description><maml:para>The Export-Certificate cmdlet exports a certificate from a certificate store to a file. The private key is not included in the export. If more than one certificate is being exported, then the default file format is SST. Otherwise, the default format is CERT. Use the Type parameter to change the file format.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Export-Certificate</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Force</maml:name><maml:description><maml:para>Specifies that the exported certificate file will overwrite an existing certificate file, unless the Read-only or hidden attribute is set or the NoClobber parameter is also used. The NoClobber parameter takes precedence over this parameter when both are used.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>NoClobber</maml:name><maml:description><maml:para>Prevents an exported certificate file from overwriting an existing certificate file. This parameter takes precedence over the Force parameter, which permits this cmdlet to overwrite an existing certificate file, even if it has the Read-only attribute set.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Type</maml:name><maml:description><maml:para>Specifies the type of output file for the certificate export as follows. -- SST: A Microsoft serialized certificate store (.sst) file format which can contain one or more certificates. This is the default value for multiple certificates. -- CERT: A .cer file format which contains a single DER-encoded certificate. This is the default value for one certificate. -- P7B: A PKCS#7 file format which can contain one or more certificates. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">CertType</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="named" aliases=""><maml:name>Cert</maml:name><maml:description><maml:para>Specifies one or more certificates to be exported to a file. A single certificate object, an array of certificate objects, or a path to one or more certificates in a certificate store can be specified.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Certificate</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>FilePath</maml:name><maml:description><maml:para>Specifies the location where the exported certificate will be stored.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="named" aliases=""><maml:name>Cert</maml:name><maml:description><maml:para>Specifies one or more certificates to be exported to a file. A single certificate object, an array of certificate objects, or a path to one or more certificates in a certificate store can be specified.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Certificate</command:parameterValue><dev:type><maml:name>Certificate</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>FilePath</maml:name><maml:description><maml:para>Specifies the location where the exported certificate will be stored.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Force</maml:name><maml:description><maml:para>Specifies that the exported certificate file will overwrite an existing certificate file, unless the Read-only or hidden attribute is set or the NoClobber parameter is also used. The NoClobber parameter takes precedence over this parameter when both are used.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>NoClobber</maml:name><maml:description><maml:para>Prevents an exported certificate file from overwriting an existing certificate file. This parameter takes precedence over the Force parameter, which permits this cmdlet to overwrite an existing certificate file, even if it has the Read-only attribute set.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Type</maml:name><maml:description><maml:para>Specifies the type of output file for the certificate export as follows. -- SST: A Microsoft serialized certificate store (.sst) file format which can contain one or more certificates. This is the default value for multiple certificates. -- CERT: A .cer file format which contains a single DER-encoded certificate. This is the default value for one certificate. -- P7B: A PKCS#7 file format which can contain one or more certificates. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">CertType</command:parameterValue><dev:type><maml:name>CertType</maml:name><maml:uri /></dev:type><dev:defaultValue>SST</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>System.Security.Cryptography.X509Certificates.X509Certificate2</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A Certificate object can be piped into to this cmdlet.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>System.IO.FileInfo</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The FileInfo object contains the information about the certificate file.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$cert = (Get-ChildItem -Path cert:\CurrentUser\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF) PS C:\>Export-Certificate -Cert $cert -FilePath c:\certs\user.sst -Type SST </dev:code><dev:remarks><maml:para>This example exports a certificate to the file system as a Microsoft serialized certificate store without its private key.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 2</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$cert = (Get-ChildItem -Path cert:\CurrentUser\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF) PS C:\>Export-Certificate -Cert $cert -FilePath c:\certs\user.cer </dev:code><dev:remarks><maml:para>This example exports a certificate to the file system as a DER-encoded .cer file without its private key.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 3</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$cert = ( Get-ChildItem -Path cert:\CurrentUser\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF ) PS C:\>Export-Certificate -Cert $cert -FilePath c:\certs\user.p7b -Type p7b </dev:code><dev:remarks><maml:para>This example exports a certificate to the file system as a PKCS#7-fomatted .p7b file without its private key.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 4</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Get-ChildItem -Path cert:\CurrentUser\my | Export-Certificate –FilePath c:\certs\allcerts.sst -Type SST </dev:code><dev:remarks><maml:para>This example exports all certificates under CurrentUser\my store into a Microsoft serialized certificate store allcerts.sst.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287526</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-ChildItem</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Import-Certificate</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Export-PfxCertificate</command:name><maml:description><maml:para>Exports a certificate or a PFXData object to a Personal Information Exchange (PFX) file.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Export</command:verb><command:noun>PfxCertificate</command:noun><dev:version /></command:details><maml:description><maml:para>The Export-PfxCertificate cmdlet exports a certificate or a PFXData object to a Personal Information Exchange (PFX) file. By default, extended properties and the entire chain are exported.</maml:para><maml:para>Delegation may be required when using this cmdlet with Windows PowerShell® remoting and changing user configuration.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Export-PfxCertificate</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByPropertyName)" position="1" aliases=""><maml:name>Cert</maml:name><maml:description><maml:para>Specifies the path to the certificate to be exported.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Certificate</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="2" aliases=""><maml:name>FilePath</maml:name><maml:description><maml:para>Specifies the path for the PFX file to be exported.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>ChainOption</maml:name><maml:description><maml:para>Specifies the options for building a chain when exporting certificates. The acceptable values for this parameter are: -- BuildChain: Certificate chain for all end entity certificates will be built and included in the export. This option is valid for both PfxData and Cert parameters. In the case of PfxData parameter, the collection of all PFX certificates will be used as an additional store. -- EndEntityCertOnly: Only end entity certificates are exported without any chain. This option is valid for both the PfxData and the Cert parameters. -- PfxDataOnly: Certificates contained in PFXData objects will be exported with no chain building. This option is only valid when the PfxData parameter is used. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">ExportChainOption</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Force</maml:name><maml:description><maml:para>Specifies that the provided PFX file should be overwritten, even if the Read-only attribute is set on the file. By default, this cmdlet overwrites existing PFX files without warning, unless the Read-only or hidden attribute is set or the NoClobber parameter is used in the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>NoClobber</maml:name><maml:description><maml:para>Specifies that if the PFX file already exists, it should not be over written. This parameter takes precedence over the Force parameter, which permits this cmdlet to overwrite a PFX file even if it has the Read-only attribute set.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>NoProperties</maml:name><maml:description><maml:para>Specifies whether the extended properties for a certificate are exported. If this parameter is specified, then extended properties are not included with the export. By default, all extended properties are included in the exported file.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Password</maml:name><maml:description><maml:para>Specifies the password used to protect the exported PFX file. The password should be in the form of secure string. Either the ProtectTo or this parameter must be specified, or an error will be displayed.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>ProtectTo</maml:name><maml:description><maml:para>Specifies an array of strings for the username or group name that can access the private key of PFX file without any password. This requires a Windows Server® 2012 domain controller. Either the Password or this parameter must be specified, or an error will be displayed.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description></command:parameter></command:syntaxItem><command:syntaxItem><maml:name>Export-PfxCertificate</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="1" aliases=""><maml:name>PFXData</maml:name><maml:description><maml:para>Specifies a PFXData object that contains one or more certificates from a PFX file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">PfxData</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="2" aliases=""><maml:name>FilePath</maml:name><maml:description><maml:para>Specifies the path for the PFX file to be exported.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>ChainOption</maml:name><maml:description><maml:para>Specifies the options for building a chain when exporting certificates. The acceptable values for this parameter are: -- BuildChain: Certificate chain for all end entity certificates will be built and included in the export. This option is valid for both PfxData and Cert parameters. In the case of PfxData parameter, the collection of all PFX certificates will be used as an additional store. -- EndEntityCertOnly: Only end entity certificates are exported without any chain. This option is valid for both the PfxData and the Cert parameters. -- PfxDataOnly: Certificates contained in PFXData objects will be exported with no chain building. This option is only valid when the PfxData parameter is used. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">ExportChainOption</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Force</maml:name><maml:description><maml:para>Specifies that the provided PFX file should be overwritten, even if the Read-only attribute is set on the file. By default, this cmdlet overwrites existing PFX files without warning, unless the Read-only or hidden attribute is set or the NoClobber parameter is used in the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>NoClobber</maml:name><maml:description><maml:para>Specifies that if the PFX file already exists, it should not be over written. This parameter takes precedence over the Force parameter, which permits this cmdlet to overwrite a PFX file even if it has the Read-only attribute set.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>NoProperties</maml:name><maml:description><maml:para>Specifies whether the extended properties for a certificate are exported. If this parameter is specified, then extended properties are not included with the export. By default, all extended properties are included in the exported file.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Password</maml:name><maml:description><maml:para>Specifies the password used to protect the exported PFX file. The password should be in the form of secure string. Either the ProtectTo or this parameter must be specified, or an error will be displayed.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>ProtectTo</maml:name><maml:description><maml:para>Specifies an array of strings for the username or group name that can access the private key of PFX file without any password. This requires a Windows Server® 2012 domain controller. Either the Password or this parameter must be specified, or an error will be displayed.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByPropertyName)" position="1" aliases=""><maml:name>Cert</maml:name><maml:description><maml:para>Specifies the path to the certificate to be exported.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Certificate</command:parameterValue><dev:type><maml:name>Certificate</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>ChainOption</maml:name><maml:description><maml:para>Specifies the options for building a chain when exporting certificates. The acceptable values for this parameter are: -- BuildChain: Certificate chain for all end entity certificates will be built and included in the export. This option is valid for both PfxData and Cert parameters. In the case of PfxData parameter, the collection of all PFX certificates will be used as an additional store. -- EndEntityCertOnly: Only end entity certificates are exported without any chain. This option is valid for both the PfxData and the Cert parameters. -- PfxDataOnly: Certificates contained in PFXData objects will be exported with no chain building. This option is only valid when the PfxData parameter is used. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">ExportChainOption</command:parameterValue><dev:type><maml:name>ExportChainOption</maml:name><maml:uri /></dev:type><dev:defaultValue>BuildChain</dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="2" aliases=""><maml:name>FilePath</maml:name><maml:description><maml:para>Specifies the path for the PFX file to be exported.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Force</maml:name><maml:description><maml:para>Specifies that the provided PFX file should be overwritten, even if the Read-only attribute is set on the file. By default, this cmdlet overwrites existing PFX files without warning, unless the Read-only or hidden attribute is set or the NoClobber parameter is used in the cmdlet.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>NoClobber</maml:name><maml:description><maml:para>Specifies that if the PFX file already exists, it should not be over written. This parameter takes precedence over the Force parameter, which permits this cmdlet to overwrite a PFX file even if it has the Read-only attribute set.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>NoProperties</maml:name><maml:description><maml:para>Specifies whether the extended properties for a certificate are exported. If this parameter is specified, then extended properties are not included with the export. By default, all extended properties are included in the exported file.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="1" aliases=""><maml:name>PFXData</maml:name><maml:description><maml:para>Specifies a PFXData object that contains one or more certificates from a PFX file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">PfxData</command:parameterValue><dev:type><maml:name>PfxData</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Password</maml:name><maml:description><maml:para>Specifies the password used to protect the exported PFX file. The password should be in the form of secure string. Either the ProtectTo or this parameter must be specified, or an error will be displayed.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue><dev:type><maml:name>SecureString</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>ProtectTo</maml:name><maml:description><maml:para>Specifies an array of strings for the username or group name that can access the private key of PFX file without any password. This requires a Windows Server® 2012 domain controller. Either the Password or this parameter must be specified, or an error will be displayed.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>System.Security.Cryptography.X509Certificates.X509Certificate2[]</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The X509Certificate2[] object is an array of certificate objects.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>System.IO.FileInfo</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The FileInfo object contains the information about the PFX file.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$mypwd = ConvertTo-SecureString -String "1234" -Force –AsPlainText PS C:\>Get-ChildItem -Path cert:\localMachine\my\5F98EBBFE735CDDAE00E33E0FD69050EF9220254 | Export-PfxCertificate -FilePath C:\mypfx.pfx -Password $mypwd </dev:code><dev:remarks><maml:para>This example exports a certificate from the local machine store to a PFX file which includes the entire chain and all external properties.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 2</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$mypwd = ConvertTo-SecureString -String "1234" -Force –AsPlainText PS C:\>Get-ChildItem -Path cert:\LocalMachine\my | Export-PfxCertificate -FilePath C:\mypfx.pfx -Password $mypwd </dev:code><dev:remarks><maml:para>This example exports all certificates under the My store for the machine account into one file named mypfx.pfx. In order for this cmdlet to succeed, all keys need to be exportable.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 3</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$mypwd = ConvertTo-SecureString -String "1234" -Force –AsPlainText PS C:\>Export-PfxCertificate –Cert cert:\currentuser\my\5F98EBBFE735CDDAE00E33E0FD69050EF9220254 –FilePath c:\myexport.pfx -ChainOption EndEntityCertOnly -NoProperties -Password $mypwd </dev:code><dev:remarks><maml:para>This example exports a certificate from the current user store with no chain and no external properties</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 4</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>$a = Get-ChildItem -Path cert:\localMachine\my Export-PfxCertificate –Cert $a[1] –FilePath C:\myexport.pfx -ProtectTo "contoso\billb99, contoso\johnj99" </dev:code><dev:remarks><maml:para>This example exports a certificate from the current machine store. Both user accounts, contos\billb99 and contos\johnj99, can access this PFX with no password. A Windows® 8 DC for key distribution is required.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 5</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$a = Get-ChildItem -Path cert:\localMachine\my PS C:\>$mypwd = ConvertTo-SecureString -String "1234" -Force –AsPlainText PS C:\>Export-PfxCertificate –Cert $a[1] –FilePath C:\myexport.pfx -ProtectTo "contoso\billb99, contoso\johnj99" -Password $mypwd </dev:code><dev:remarks><maml:para>This example exports a certificate from the current machine store. Both user accounts, johnj99 and billb99, can access this PFX file with no password. For everyone else, they need to use 1234 as a password. A Windows 8 DC for key distribution is required.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 6</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$NewPwd = ConvertTo-SecureString -String "abcd" -Force –AsPlainText PS C:\>$mypfx = Get-PfxData –FilePath C:\mypfx.pfx -Password $Oldpwd PS C:\>Export-PfxCertificate -PFXData $mypfx –FilePath C:\mypfx2.pfx -Password $NewPwd </dev:code><dev:remarks><maml:para>This example changes an existing password for a PFX file from $OldPwd to $NewPwd.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287527</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>ConvertTo-SecureString</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-ChildItem</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-PfxData</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Import-PfxCertificate</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Get-Certificate</command:name><maml:description><maml:para>Submits a certificate request to an enrollment server and installs the response or retrieves a certificate for a previously submitted request.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Get</command:verb><command:noun>Certificate</command:noun><dev:version /></command:details><maml:description><maml:para>The Get-Certificate cmdlet can be used to submit a certificate request and install the resulting certificate, install a certificate from a pending certificate request, and enroll for ldap. If the request is issued, then the returned certificate is installed in the store determined by the CertStoreLocation parameter and return the certificate in the EnrollmentResult structure with status Issued. If the request is made pending, then the request is installed in the machine REQUEST store and a request is returned in the EnrollmentResult structure with status Pending.</maml:para><maml:para>This cmdlet can be used in a Stateless mode where this cmdlet does not look up anything in the vault or in a Stateful mode where it looks at registered certificate enrollment policy servers by identifier (ID) and credential. When used with a request object and no credential, this cmdlet will look up credentials in the vault based on the URL for the enrollment policy server.</maml:para><maml:para>This cmdlet will not accept a policy server identifier (ID). If a URL is not specified, then only the default certificate enrollment policy ID is used and the cmdlet will attempt to obtain policy information from any of its URLs.</maml:para><maml:para>Delegation may be required when using this cmdlet with Windows PowerShell® remoting and changing user configuration.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Get-Certificate</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>CertStoreLocation</maml:name><maml:description><maml:para>Specifies the path to the certificate store for the received certificate. If the request is made pending, then the request object is saved in the corresponding request store. Note: Only My store is supported.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Credential</maml:name><maml:description><maml:para>Specifies the credential to use for certificate enrollment. The credential can be a user name and password (a credential object), an X509 certificate, or the path to a certificate. If a credential is not specified, then Kerberos authentication is used.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">PkiCredential</command:parameterValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>DnsName</maml:name><maml:description><maml:para>Specifies one or more DNS names to be included in the certificate request as subject alternative name extension.</maml:para></maml:description><command:parameterValue required="true" variableLength="true">String[]</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>SubjectName</maml:name><maml:description><maml:para>Specifies the subject name to be included in the certificate request.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByValue, ByPropertyName)" position="named" aliases=""><maml:name>Url</maml:name><maml:description><maml:para>Specifies the policy server URL to use for certificate enrollment. Credentials are required if the endpoint requires a user name and password or certificate authentication from the client. If credentials are not found and Windows PowerShell® is in interactive mode, then a prompt for credentials will appear.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Uri</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Template</maml:name><maml:description><maml:para>Specifies the object identifier or name of a certificate template to use with the certificate request.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description></command:parameter></command:syntaxItem><command:syntaxItem><maml:name>Get-Certificate</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Credential</maml:name><maml:description><maml:para>Specifies the credential to use for certificate enrollment. The credential can be a user name and password (a credential object), an X509 certificate, or the path to a certificate. If a credential is not specified, then Kerberos authentication is used.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">PkiCredential</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByValue)" position="named" aliases=""><maml:name>Request</maml:name><maml:description><maml:para>Specifies the X509 certificate or the path to a requested certificate located in the request store.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Certificate</command:parameterValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>CertStoreLocation</maml:name><maml:description><maml:para>Specifies the path to the certificate store for the received certificate. If the request is made pending, then the request object is saved in the corresponding request store. Note: Only My store is supported.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue>.</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Credential</maml:name><maml:description><maml:para>Specifies the credential to use for certificate enrollment. The credential can be a user name and password (a credential object), an X509 certificate, or the path to a certificate. If a credential is not specified, then Kerberos authentication is used.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">PkiCredential</command:parameterValue><dev:type><maml:name>PkiCredential</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>DnsName</maml:name><maml:description><maml:para>Specifies one or more DNS names to be included in the certificate request as subject alternative name extension.</maml:para></maml:description><command:parameterValue required="true" variableLength="true">String[]</command:parameterValue><dev:type><maml:name>String[]</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByValue)" position="named" aliases=""><maml:name>Request</maml:name><maml:description><maml:para>Specifies the X509 certificate or the path to a requested certificate located in the request store.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Certificate</command:parameterValue><dev:type><maml:name>Certificate</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>SubjectName</maml:name><maml:description><maml:para>Specifies the subject name to be included in the certificate request.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Template</maml:name><maml:description><maml:para>Specifies the object identifier or name of a certificate template to use with the certificate request.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByValue, ByPropertyName)" position="named" aliases=""><maml:name>Url</maml:name><maml:description><maml:para>Specifies the policy server URL to use for certificate enrollment. Credentials are required if the endpoint requires a user name and password or certificate authentication from the client. If credentials are not found and Windows PowerShell® is in interactive mode, then a prompt for credentials will appear.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Uri</command:parameterValue><dev:type><maml:name>Uri</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>System.Security.Cryptography.X509Certificates.X509Certificate2</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The Certificate object can either be provided as a Path object to a certificate or an X509Certificate2 object.</maml:para></maml:description></command:inputType><command:inputType><dev:type><maml:name>System.Uri</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The Uri object can also be pipelined by the Url property name.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>Microsoft.CertificateServices.Commands.EnrollmentResult</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The EnrollmentResult object contains the results of enrollment.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$up = Get-Credential PS C:\>Get-Certificate -Template SslWebServer -DnsName www.contoso.com,www.fabrikam.com -Url https://www.contoso.com/Policy/service.svc -Credential $up -CertStoreLocation cert:\LocalMachine\My </dev:code><dev:remarks><maml:para>This example submits a certificate request for the SslWebServer template to the specific URL using the user name and password credentials. The request will have two DNS names in it. This is for a certificate in the machine store. If the request is issued, then the returned certificate is installed in the machine MY store and the certificate in the EnrollmentResult structure is returned with the status Issued. If the request is made pending, then the request is installed in the machine REQUEST store and the request in the EnrollmentResult structure is returned with the status Pending.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 2</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$cert = ( Get-ChildItem -Path cert:\LocalMachine\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF ) PS C:\>$enrollResult = Get-Certificate -Template SslWebServer -DnsName www.contoso.com -Url https://www.contoso.com/policy/service.svc -Credential $cert -CertStoreLocation cert:\LocalMachine\My </dev:code><dev:remarks><maml:para>This example submits a certificate request to a specific URL using the certificate credential for authentication.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 3</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>Set-Location -Path cert:\LocalMachine\My PS C:\>$enrollResult = ( Get-Certificate -Template WorkstationTemplate -Url https://www.contoso.com/service.svc ) </dev:code><dev:remarks><maml:para>This example authenticates the URL using the machine account and Windows integrated authentication and submits a request for a machine certificate of template named WorkstationTemplate.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 4</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>Set-Location -Path cert:\CurrentUser\My PS C:\>Get-Certificate -Template User -Url ldap: </dev:code><dev:remarks><maml:para>This example uses Windows integrated authentication to enroll for a certificate of template User using direct DCOM calls to the CA.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 5</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$request = (Get-ChildItem -Path cert:\LocalMachine\Request\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF) PS C:\>$up = Get-Credential PS C:\>Get-Certificate -Request $request -Credential $up </dev:code><dev:remarks><maml:para>This example retrieves and submits a pending request using a user name and password as credentials.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 6</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$request = (Get-ChildItem -Path cert:\LocalMachine\Request\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF) PS C:\>Get-Certificate -Request $request </dev:code><dev:remarks><maml:para>This example retrieves the certificate identified by $request. If the authentication type for $request.EnrollmentServer.AuthType is not Kerberos, then look in the credential store to see if there is a credential for $request.EnrollmentServer.Url. If there is a credential, then use it. If there is no credential, then Windows PowerShell® will request it (if Windows PowerShell is in Interactive mode).</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287528</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-ChildItem</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-Credential</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Set-Location</maml:linkText><maml:uri></maml:uri></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Get-CertificateAutoEnrollmentPolicy</command:name><maml:description><maml:para>Retrieves certificate auto-enrollment policy settings.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Get</command:verb><command:noun>CertificateAutoEnrollmentPolicy</command:noun><dev:version /></command:details><maml:description><maml:para>The Get-CertificateAutoEnrollmentPolicy cmdlet gets certificate auto-enrollment policy settings for the user or computer. This cmdlet can return the settings configured in local policy or that are being applied from either local or domain policy.</maml:para><maml:para>Delegation may be required when using this cmdlet with Windows PowerShell® remoting and changing user configuration.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Get-CertificateAutoEnrollmentPolicy</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>context</maml:name><maml:description><maml:para>Specifies the context of the enrollment policy to return.</maml:para></maml:description><command:parameterValueGroup><command:parameterValue required="true" variableLength="false">Machine</command:parameterValue><command:parameterValue required="true" variableLength="false">User</command:parameterValue></command:parameterValueGroup></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Scope</maml:name><maml:description><maml:para>Specifies the scope of the enrollment policy to return. If Local scope is specified, then the locally configured policy is returned. If Applied scope is specified, then the currently applied policy which can be either the local policy or a domain policy, is returned.</maml:para></maml:description><command:parameterValueGroup><command:parameterValue required="true" variableLength="false">Applied</command:parameterValue><command:parameterValue required="true" variableLength="false">Local</command:parameterValue></command:parameterValueGroup></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>context</maml:name><maml:description><maml:para>Specifies the context of the enrollment policy to return.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Context</command:parameterValue><dev:type><maml:name>Context</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Scope</maml:name><maml:description><maml:para>Specifies the scope of the enrollment policy to return. If Local scope is specified, then the locally configured policy is returned. If Applied scope is specified, then the currently applied policy which can be either the local policy or a domain policy, is returned.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">AutoEnrollmentPolicyScope</command:parameterValue><dev:type><maml:name>AutoEnrollmentPolicyScope</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>Microsoft.CertificateServices.Commands.AutoEnrollmentPolicy</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The AutoEnrollmentPolicy object combines certificate auto-enrollment policy settings and exposes them as properties.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>Microsoft.CertificateServices.Commands.AutoEnrollmentPolicy</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The AutoEnrollmentPolicy object combines certificate auto-enrollment policy settings and exposes them as properties. Each property can be modified and piped into the Set-CertificateAutoEnrollmentPolicy cmdlet to be applied.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Get-CertificateAutoEnrollmentPolicy -Scope Local -Context User PolicyState : Enabled EnableMyStoreManagement : True EnableTemplateCheck : True ExpirationPercentage : 10 StoreName : {MY} EnableBalloonNotifications : False </dev:code><dev:remarks><maml:para>This example gets the locally configured certificate auto-enrollment user policy. In this example, the Renew expired certificates, update pending certificates, and remove revoked certificates and Update certificates that use certificates templates options are enabled. Also, the Expiration notifications option is enabled and set to 10 percent of the certificate lifetime which are stored in the MY store. Finally, Balloon notifications are disabled.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287529</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Set-CertificateAutoEnrollmentPolicy</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Get-CertificateEnrollmentPolicyServer</command:name><maml:description><maml:para>Returns all of the certificate enrollment policy server URL configurations.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Get</command:verb><command:noun>CertificateEnrollmentPolicyServer</command:noun><dev:version /></command:details><maml:description><maml:para>The Get-CertificateEnrollmentPolicyServer cmdlet retrieves information required for connecting to one or more certificate enrollment policy servers configured for this user or computer. The returned information can be filtered by providing a specific URL, a specific scope, or requesting only user or computer (machine) context.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Get-CertificateEnrollmentPolicyServer</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByValue, ByPropertyName)" position="named" aliases=""><maml:name>Url</maml:name><maml:description><maml:para>Limits the returned enrollment policy servers to the servers that contain the provided URL.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Uri</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>context</maml:name><maml:description><maml:para>Retrieves information about the enrollment policy server for the local computer (machine) or Current User context.</maml:para></maml:description><command:parameterValueGroup><command:parameterValue required="true" variableLength="false">Machine</command:parameterValue><command:parameterValue required="true" variableLength="false">User</command:parameterValue></command:parameterValueGroup></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Scope</maml:name><maml:description><maml:para>Specifies where the cmdlet will find the enrollment policy server configuration.</maml:para></maml:description><command:parameterValueGroup><command:parameterValue required="true" variableLength="false">All</command:parameterValue><command:parameterValue required="true" variableLength="false">Applied</command:parameterValue><command:parameterValue required="true" variableLength="false">ConfiguredByYou</command:parameterValue></command:parameterValueGroup></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>context</maml:name><maml:description><maml:para>Retrieves information about the enrollment policy server for the local computer (machine) or Current User context.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Context</command:parameterValue><dev:type><maml:name>Context</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Scope</maml:name><maml:description><maml:para>Specifies where the cmdlet will find the enrollment policy server configuration.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">EnrollmentPolicyServerScope</command:parameterValue><dev:type><maml:name>EnrollmentPolicyServerScope</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByValue, ByPropertyName)" position="named" aliases=""><maml:name>Url</maml:name><maml:description><maml:para>Limits the returned enrollment policy servers to the servers that contain the provided URL.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Uri</command:parameterValue><dev:type><maml:name>Uri</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>None</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para></maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>Microsoft.CertificateServices.Commands.EnrollmentPolicyUrlDescription[]</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>Describes the enrollment policy obtained from the specified URL.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Get-CertificateEnrollmentPolicyServer -Scope All -Context User </dev:code><dev:remarks><maml:para>This example returns all of the enrollment policy URL configurations that are included with the user configuration, Group Policy, and local policy for the User context.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 2</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Get-CertificateEnrollmentPolicyServer -Url http://www.contoso.com/Policy/service.svc -Scope All -Context Machine </dev:code><dev:remarks><maml:para>This example returns all of the enrollment policy URL configurations that have the given URL for the machine context.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 3</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Get-CertificateEnrollmentPolicyServer -Scope ConfiguredByYou -Context User </dev:code><dev:remarks><maml:para>This example returns all of the enrollment policy server URL configurations that are configured for the User context.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287530</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Add-CertificateEnrollmentPolicyServer</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Remove-CertificateNotificationTask</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Get-CertificateNotificationTask</command:name><maml:description><maml:para>Returns all registered certificate notification tasks.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Get</command:verb><command:noun>CertificateNotificationTask</command:noun><dev:version /></command:details><maml:description><maml:para>The Get-CertificateNotificationTask cmdlet returns all certificate notification tasks currently registered by the New-CertificateNotificationTask cmdlet.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Get-CertificateNotificationTask</maml:name></command:syntaxItem></command:syntax><command:parameters></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>None</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>None</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>Microsoft.CertificateServices.Command.CertificateNotificationTask</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>This cmdlet returns a CertificateNotificationTask object for each certificate notification task that is currently registered by the New-CertificateNotificationTask cmdlet.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Get-CertificateNotificationTask </dev:code><dev:remarks><maml:para>This example gets all certificate notification tasks currently registered by the New-CertificateNotificationTask cmdlet.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287531</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>New-CertificateNotificationTask</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Remove-CertificateNotificationTask</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Switch-Certificate</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Get-PfxData</command:name><maml:description><maml:para>Extracts the content of a Personal Information Exchange (PFX) file into a structure without importing it to certificate store.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Get</command:verb><command:noun>PfxData</command:noun><dev:version /></command:details><maml:description><maml:para>The Get-PfxData cmdlet extracts the content of a Personal Information Exchange (PFX) file into a structure that contains the end entity certificate, any intermediate and root certificates.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Get-PfxData</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByPropertyName)" position="1" aliases=""><maml:name>FilePath</maml:name><maml:description><maml:para>Specifies the path to the PFX file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Password</maml:name><maml:description><maml:para>Specifies the password for the imported PFX file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByPropertyName)" position="1" aliases=""><maml:name>FilePath</maml:name><maml:description><maml:para>Specifies the path to the PFX file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Password</maml:name><maml:description><maml:para>Specifies the password for the imported PFX file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue><dev:type><maml:name>SecureString</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>System.String</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A string containing the path to PFX file.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>Microsoft.CertificateServices.Commands.PFXData</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A PFXData object.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$mypwd = ConvertTo-SecureString -String "1234" -Force –AsPlainText PS C:\>$mypfx = Get-PfxData –FilePath C:\mypfx.pfx –Password $mypwd </dev:code><dev:remarks><maml:para>This example returns certificate information for the file mypfx.pfx located on the C: drive that is secured with the specified password.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 2</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$NewPwd = ConvertTo-SecureString -String "abcd" -Force –AsPlainText PS C:\>$mypfx = Get-PfxData –FilePath C:\mypfx.pfx -Password $Oldpwd PS C:\>Export-PfxCertificate -PfxData $mypfx –FilePath C:\mypfx.pfx -Password $NewPwd –Force </dev:code><dev:remarks><maml:para>This example shows how one can change an existing password for mypfx.pfx file from $OldPwd to $NewPwd.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287532</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>ConvertTo-SecureString</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Export-PfxCertificate</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Import-Certificate</command:name><maml:description><maml:para>Imports one or more certificates into a certificate store.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Import</command:verb><command:noun>Certificate</command:noun><dev:version /></command:details><maml:description><maml:para>The Import-Certificate cmdlet imports one or more certificates into a certificate store.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Import-Certificate</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByPropertyName)" position="1" aliases=""><maml:name>FilePath</maml:name><maml:description><maml:para>Specifies the path to a certificate file to be imported. Acceptable formats include .sst, .p7b, and .cert files. If the file contains multiple certificates, then each certificate will be imported to the destination store.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>CertStoreLocation</maml:name><maml:description><maml:para>Specifies the path to the certificate store where the certificates will be imported. If the path to the certificate store is not specified, then the current store is used.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>CertStoreLocation</maml:name><maml:description><maml:para>Specifies the path to the certificate store where the certificates will be imported. If the path to the certificate store is not specified, then the current store is used.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue>.</dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByPropertyName)" position="1" aliases=""><maml:name>FilePath</maml:name><maml:description><maml:para>Specifies the path to a certificate file to be imported. Acceptable formats include .sst, .p7b, and .cert files. If the file contains multiple certificates, then each certificate will be imported to the destination store.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>System.String</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A String containing the file path.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>System.Security.Cryptography.X509Certificates.X509Certificate2[]</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The output is an array of X509Certificate2[] objects.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$file = ( Get-ChildItem -Path C:\files\root.cer ) PS C:\>$file | Import-Certificate -CertStoreLocation cert:\CurrentUser\Root </dev:code><dev:remarks><maml:para>This example imports the certificate from the file into the root store of the current user.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 2</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>Set-Location -Path cert:\CurrentUser\My PS C:\>Import-Certificate -Filepath "C:\files\intermediate.cert" </dev:code><dev:remarks><maml:para>This example imports the certificate from the file into the current store.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287533</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-ChildItem</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Set-Location</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Export-Certificate</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Import-PfxCertificate</command:name><maml:description><maml:para>Imports certificates and private keys from a Personal Information Exchange (PFX) file to the destination store.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Import</command:verb><command:noun>PfxCertificate</command:noun><dev:version /></command:details><maml:description><maml:para>The Import-PfxCertificate cmdlet imports certificates and private keys from a PFX file to the destination store. Certificates with and without private keys in the PFX file are imported, along with any external properties that are present.</maml:para><maml:para>Delegation may be required when using this cmdlet with Windows PowerShell® remoting and changing user configuration.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Import-PfxCertificate</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByPropertyName)" position="1" aliases=""><maml:name>FilePath</maml:name><maml:description><maml:para>Specifies the path for the PFX file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="2" aliases=""><maml:name>CertStoreLocation</maml:name><maml:description><maml:para>Specifies the path of the store to which certificates will be imported. If this parameter is not specified, then the current path is used as the destination store.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Exportable</maml:name><maml:description><maml:para>Specifies whether the imported private key can be exported. If this parameter is not specified, then the private key cannot be exported.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Password</maml:name><maml:description><maml:para>Specifies the password for the imported PFX file in the form of a secure string.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="2" aliases=""><maml:name>CertStoreLocation</maml:name><maml:description><maml:para>Specifies the path of the store to which certificates will be imported. If this parameter is not specified, then the current path is used as the destination store.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue>.</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Exportable</maml:name><maml:description><maml:para>Specifies whether the imported private key can be exported. If this parameter is not specified, then the private key cannot be exported.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByPropertyName)" position="1" aliases=""><maml:name>FilePath</maml:name><maml:description><maml:para>Specifies the path for the PFX file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Password</maml:name><maml:description><maml:para>Specifies the password for the imported PFX file in the form of a secure string.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue><dev:type><maml:name>SecureString</maml:name><maml:uri /></dev:type><dev:defaultValue>NULL</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>System.String</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A String containing the path to the PFX file.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>System.Security.Cryptography.X509Certificates.X509Certificate2</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The imported X509Certificate2 object contained in the PFX file that is associated with private keys.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$mypwd = ConvertTo-SecureString -String "1234" -Force –AsPlainText PS C:\>Import-PfxCertificate –FilePath C:\mypfx.pfx cert:\localMachine\my -Password $mypwd </dev:code><dev:remarks><maml:para>This example imports the PFX file my.pfx with a private non-exportable key into the My store for the machine account.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 2</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Get-ChildItem -Path c:\mypfx\my.pfx | Import-PfxCertificate -CertStoreLocation Cert:\CurrentUser\My –Exportable </dev:code><dev:remarks><maml:para>This example imports the PFX file my.pfx with a private non-exportable key into the My store for the current user with private key exportable. The Password parameter is not required since this PFX file is not password protected.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 3</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>Set-Location -Path cert:\localMachine\my PS C:\>Import-PfxCertificate –FilePath c:\mypfx.pfx </dev:code><dev:remarks><maml:para>This example imports the PFX file mypfx.pfx into the My store for the machine account. The Password parameter is not required since this PFX file is protected using the domain account of this machine. This requires a Windows Server® 2012 domain controller.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287534</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>ConvertTo-SecureString</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-ChildItem</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Set-Location</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Export-PfxCertificate</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>New-CertificateNotificationTask</command:name><maml:description><maml:para>Creates a new task in the Task Scheduler that will be triggered when a certificate is replaced, expired, or about to expired.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>New</command:verb><command:noun>CertificateNotificationTask</command:noun><dev:version /></command:details><maml:description><maml:para>The New-CertificateNotificationTask cmdlet creates a new task in the Task Scheduler that will be triggered when a certificate is replaced or expires. The task will launch the script specified by the PSScript parameter.</maml:para><maml:para>If the RunTaskForExistingCertificates parameter is specified, then after this cmdlet is registered, the cmdlet will go through all certificates (including archived certificates) in the My store and initiate Replace events for all certificates with a Renewal property. The NewCertHash value will always be the one at the end of the renewal chain. For example; if certificate A was renewed to certificate B, which was then renewed to certificate C, then the cmdlet fires two events: certificate A to certificate C and certificate B to certificate C. This will ensure that applications that are still using old certificates are properly updated to the newest certificates. If any certificate has a renewal chain longer than 20, then the certificate is not logged.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>New-CertificateNotificationTask</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>RunTaskForExistingCertificates</maml:name><maml:description><maml:para>Generates a replacement notification for any certificate in the My store that has been replaced in the past. For the notification to be generated both certificates must be present in the store. This parameter can only be used with the Replace type. Note: The following warning will be displayed when this cmdlet is run with this parameter set to False and there are some certificates in MY store that would have resulted in a notification. -- There are certificates in My store that have been replaced in the past. You can use the New-CertificateNotification cmdlet with the RunTaskForExistingCerts parameter to generate notifications for those certificates to correct any configuration problems that you may already have on this machine.</maml:para></maml:description></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Channel</maml:name><maml:description><maml:para>Sets the channel of the CertificateServicesClient-Notifications log that will be monitored for certificate lifecycle events. The acceptable values for this parameter are: -- System: The Operation-System channel will be used. This channel should be used to modify system certificate bindings that use computer certificates. -- User: The Operational-User channel will be used. This channel should be used to modify user certificate bindings. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">NotificationChannel</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Name</maml:name><maml:description><maml:para>Specifies the unique name for the certificate notification task. If a certificate notification task with the same name already exists, then an error is generated.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>PSScript</maml:name><maml:description><maml:para>Identifies the Windows PowerShell® script that will be triggered by the certificate notification task. The script will be launched with the NonInteractive parameter.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Type</maml:name><maml:description><maml:para>Specifies the type of events that will trigger certificate notifications. The acceptable values for this parameter are: -- Replace: Certificate replacement events will trigger this notification, including certificates that are renewed by auto-enrollment, using the Certificates snap-in, or by using the Switch-Certificate cmdlet. -- Expire: Certificate expiration and close-to-expire events will trigger this notification. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">CertificateNotificationType</command:parameterValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Channel</maml:name><maml:description><maml:para>Sets the channel of the CertificateServicesClient-Notifications log that will be monitored for certificate lifecycle events. The acceptable values for this parameter are: -- System: The Operation-System channel will be used. This channel should be used to modify system certificate bindings that use computer certificates. -- User: The Operational-User channel will be used. This channel should be used to modify user certificate bindings. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">NotificationChannel</command:parameterValue><dev:type><maml:name>NotificationChannel</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Name</maml:name><maml:description><maml:para>Specifies the unique name for the certificate notification task. If a certificate notification task with the same name already exists, then an error is generated.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>PSScript</maml:name><maml:description><maml:para>Identifies the Windows PowerShell® script that will be triggered by the certificate notification task. The script will be launched with the NonInteractive parameter.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>RunTaskForExistingCertificates</maml:name><maml:description><maml:para>Generates a replacement notification for any certificate in the My store that has been replaced in the past. For the notification to be generated both certificates must be present in the store. This parameter can only be used with the Replace type. Note: The following warning will be displayed when this cmdlet is run with this parameter set to False and there are some certificates in MY store that would have resulted in a notification. -- There are certificates in My store that have been replaced in the past. You can use the New-CertificateNotification cmdlet with the RunTaskForExistingCerts parameter to generate notifications for those certificates to correct any configuration problems that you may already have on this machine.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Type</maml:name><maml:description><maml:para>Specifies the type of events that will trigger certificate notifications. The acceptable values for this parameter are: -- Replace: Certificate replacement events will trigger this notification, including certificates that are renewed by auto-enrollment, using the Certificates snap-in, or by using the Switch-Certificate cmdlet. -- Expire: Certificate expiration and close-to-expire events will trigger this notification. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">CertificateNotificationType</command:parameterValue><dev:type><maml:name>CertificateNotificationType</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>None</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para></maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>Microsoft.CertificateServices.Command.CertificateNotificationTask</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A CertificateNotificationTask object that contains details about a newly created task.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>New-CertificateNotificationTask -PSScript C:\myscript.ps1 -Channel System -Type Replace -Name "My System Certificate Task" </dev:code><dev:remarks><maml:para>This example creates a system notification task for certificate replacement events with the name My System Certificate Task that will launch the myscript.ps1 script located on the C: drive. The cmdlet will run on the local system.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 2</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>New-CertificateNotificationTask -PSScript C:\myscript.ps1 -Channel User -Type Expire -Name "My User Certificate Task" </dev:code><dev:remarks><maml:para>This example creates a system notification task for the expiration and close-to-expiration certificate events with the name My User Certificate Task that will launch the myscript.ps1 script located on the C: drive. The cmdlet will run for all currently logged on users in the user contexts.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287535</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-CertificateNotificationTask</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Remove-CertificateNotificationTask</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Switch-Certificate</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>New-SelfSignedCertificate</command:name><maml:description><maml:para>Creates a new self-signed certificate for testing purposes.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>New</command:verb><command:noun>SelfSignedCertificate</command:noun><dev:version /></command:details><maml:description><maml:para>The New-SelfSignedCertificate cmdlet creates a self-signed certificate for testing purposes. Using the CloneCert parameter, a test certificate can be created based on an existing certificate with all settings copied from the original certificate except for the public key. A new key of the same algorithm and length will be created.</maml:para><maml:para>If an existing certificate is not being cloned, then an SSL server certificate with the following default settings is created: -- Subject: Empty -- Key: RSA 2048 -- EKUs: Client Authentication and Server Authentication -- Key Usage: Digital Signature, Key Encipherment (a0) -- Validity Period: One year </maml:para><maml:para>Delegation may be required when using this cmdlet with Windows PowerShell remoting and changing user configuration.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>New-SelfSignedCertificate</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>CertStoreLocation</maml:name><maml:description><maml:para>Specifies the certificate store in which a new certificate will be stored. The current path is the default value.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="named" aliases=""><maml:name>CloneCert</maml:name><maml:description><maml:para>Identifies the certificate to copy when creating a new certificate. The certificate being cloned can be identified by an X509 certificate or the file path in the certificate provider. When this parameter is used, all fields and extensions of the certificate will be inherited except the public key (a new key of the same algorithm and length will be created) and the NotAfter and NotBefore fields (the validity period for the NotBefore field is set to ten minutes in the past).</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Certificate</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>DnsName</maml:name><maml:description><maml:para>Specifies one or more DNS names to put into the Subject Alternative Name extension of the certificate when a certificate to be copied is not specified via the CloneCert parameter. The first DNS name is also saved as Subject Name and Issuer Name.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>CertStoreLocation</maml:name><maml:description><maml:para>Specifies the certificate store in which a new certificate will be stored. The current path is the default value.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue>.</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="named" aliases=""><maml:name>CloneCert</maml:name><maml:description><maml:para>Identifies the certificate to copy when creating a new certificate. The certificate being cloned can be identified by an X509 certificate or the file path in the certificate provider. When this parameter is used, all fields and extensions of the certificate will be inherited except the public key (a new key of the same algorithm and length will be created) and the NotAfter and NotBefore fields (the validity period for the NotBefore field is set to ten minutes in the past).</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Certificate</command:parameterValue><dev:type><maml:name>Certificate</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>DnsName</maml:name><maml:description><maml:para>Specifies one or more DNS names to put into the Subject Alternative Name extension of the certificate when a certificate to be copied is not specified via the CloneCert parameter. The first DNS name is also saved as Subject Name and Issuer Name.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>Microsoft.CertificateServices.Commands.Certificate</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The Certificate object can either be provided as a Path object to a certificate or a X509Certificate2 object.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>System.Security.Cryptography.X509Certificates.X509Certificate2</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A X509Certificate2 object for the certificate that has been created.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> New-SelfSignedCertificate -DnsName www.fabrikam.com, www.contoso.com -CertStoreLocation cert:\LocalMachine\My </dev:code><dev:remarks><maml:para>This example creates a self-signed SSL server certificate in the computer MY store with the Subject Alternative Name set to www.fabrikam.com, www.contoso.com and Subject and Issuer name set to www.fabrikam.com.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 2</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Set-Location -Path cert:\LocalMachine\My PS C:\> $copyOf = (Get-ChildItem -Path E42DBC3B3F2771990A9B3E35D0C3C422779DACD7) PS C:\> New-SelfSignedCertificate -CloneCert $copyOf </dev:code><dev:remarks><maml:para>This example creates a copy of the certificate specified by the CloneCert parameter and puts it in the computer MY store.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287536</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-ChildItem</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Set-Location</maml:linkText><maml:uri></maml:uri></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Remove-CertificateEnrollmentPolicyServer</command:name><maml:description><maml:para>Removes an enrollment policy server and the URL of the enrollment policy server from the current user or local computer configuration.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Remove</command:verb><command:noun>CertificateEnrollmentPolicyServer</command:noun><dev:version /></command:details><maml:description><maml:para>The Remove-CertificateEnrollmentPolicyServer cmdlet removes an enrollment policy server from the current user or local computer configuration. This cmdlet also removes any policy cache file and credentials from the vault.</maml:para><maml:para>Only one enrollment policy server configuration is removed from the user configured location at a time. If a scope of All is specified and the same URL exists in the local computer (machine) and User contexts, then this cmdlet will fail. An error is generated if the specified URL does not exist in the given scope. Any policy cache file and credentials are also removed from the vault. </maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Remove-CertificateEnrollmentPolicyServer</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByValue, ByPropertyName)" position="1" aliases=""><maml:name>Url</maml:name><maml:description><maml:para>Specifies the URL of the enrollment policy server to remove from the local configuration.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Uri</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>context</maml:name><maml:description><maml:para>Specifies that information about the location of an enrollment policy server should be removed from either the User or computer (machine) context.</maml:para></maml:description><command:parameterValueGroup><command:parameterValue required="true" variableLength="false">Machine</command:parameterValue><command:parameterValue required="true" variableLength="false">User</command:parameterValue></command:parameterValueGroup></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>context</maml:name><maml:description><maml:para>Specifies that information about the location of an enrollment policy server should be removed from either the User or computer (machine) context.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Context</command:parameterValue><dev:type><maml:name>Context</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByValue, ByPropertyName)" position="1" aliases=""><maml:name>Url</maml:name><maml:description><maml:para>Specifies the URL of the enrollment policy server to remove from the local configuration.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Uri</command:parameterValue><dev:type><maml:name>Uri</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>Microsoft.CertificateServices.Commands.EnrollmentPolicyServer</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>Contains information about the certificate enrollment policy.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>None</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para></maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Remove-CertificateEnrollmentPolicyServer -Url https://www.contoso.com/policy/service.svc -Context User </dev:code><dev:remarks><maml:para>This example removes the enrollment policy server configuration from the local user configuration with the given URL.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 2</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>$userPolicy = Get-CertificateEnrollmentPolicyServer -Scope All -Context User -Url https://www.contoso.com/policy/service.svc PS C:\>Remove-CertificateEnrollmentPolicyServer -Url $userPolicy.url -Context User </dev:code><dev:remarks><maml:para>This example removes the enrollment policy server that is configured from the current user configuration.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287537</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Add-CertificateEnrollmentPolicyServer</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Get-CertificateEnrollmentPolicyServer</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Remove-CertificateNotificationTask</command:name><maml:description><maml:para>Removes a certificate notification task from Task Scheduler.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Remove</command:verb><command:noun>CertificateNotificationTask</command:noun><dev:version /></command:details><maml:description><maml:para>The Remove-CertificateNotificationTask cmdlet removes from Task Scheduler a certificate notification task that was registered with the New-CertificateNotificationTask cmdlet.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Remove-CertificateNotificationTask</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue, ByPropertyName)" position="1" aliases=""><maml:name>Name</maml:name><maml:description><maml:para>Identifies the notification task to be deleted.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue, ByPropertyName)" position="1" aliases=""><maml:name>Name</maml:name><maml:description><maml:para>Identifies the notification task to be deleted.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>System.String</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A String containing the name of the task to be removed.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>None</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para></maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Remove-CertificateNotificationTask -Name "My Task" </dev:code><dev:remarks><maml:para>This example removes the task named My Task.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287538</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-CertificateNotificationTask</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>New-CertificateNotificationTask</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Switch-Certificate</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Set-CertificateAutoEnrollmentPolicy</command:name><maml:description><maml:para>Sets local certificate auto-enrollment policy.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Set</command:verb><command:noun>CertificateAutoEnrollmentPolicy</command:noun><dev:version /></command:details><maml:description><maml:para>The Set-CertificateAutoEnrollmentPolicy cmdlet configures local certificate auto-enrollment policy for a user or computer. The auto-enrollment policy can also be configured by using the Local Security Policy console. These settings can be found in the following location. -- \Security Settings\Public Key Policies\Certificate Services Client - Auto-Enrollment.</maml:para><maml:para>Delegation may be required when using this cmdlet with Windows PowerShell® remoting and changing user configuration.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Set-CertificateAutoEnrollmentPolicy</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>context</maml:name><maml:description><maml:para>Specifies whether to set certificate auto-enrollment policy for the user or computer context.</maml:para></maml:description><command:parameterValueGroup><command:parameterValue required="true" variableLength="false">Machine</command:parameterValue><command:parameterValue required="true" variableLength="false">User</command:parameterValue></command:parameterValueGroup></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>EnableAll</maml:name><maml:description><maml:para>Enables all of the auto-enrollment policy settings and sets the value for the expiration percentage to 10 percent. If this parameter is enabled, then only the Context parameter is required and all other parameters are optional.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description></command:parameter></command:syntaxItem><command:syntaxItem><maml:name>Set-CertificateAutoEnrollmentPolicy</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>EnableBalloonNotifications</maml:name><maml:description><maml:para>Enables the Expiration balloon notifications option for the certificate auto-enrollment policy.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>EnableMyStoreManagement</maml:name><maml:description><maml:para>Enables the Renew expired certificates, update pending certificates, and remove revoked certificates option for the certificate auto-enrollment policy.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>EnableTemplateCheck</maml:name><maml:description><maml:para>Verifies that existing certificates are based on the most recent version of a certificate template and updates them if they are not.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>ExpirationPercentage</maml:name><maml:description><maml:para>Sets the percentage of the certificate lifetime at which close-to-expiration events are logged and auto-enrollment notifications start to appear.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Int32</command:parameterValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>StoreName</maml:name><maml:description><maml:para>Specifies additional comma separated certificate stores to monitor for certificates that have expired or are expiring. The MY store is always monitored.</maml:para></maml:description><command:parameterValue required="true" variableLength="true">String[]</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>context</maml:name><maml:description><maml:para>Specifies whether to set certificate auto-enrollment policy for the user or computer context.</maml:para></maml:description><command:parameterValueGroup><command:parameterValue required="true" variableLength="false">Machine</command:parameterValue><command:parameterValue required="true" variableLength="false">User</command:parameterValue></command:parameterValueGroup></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>PolicyState</maml:name><maml:description><maml:para>Specifies the state of the certificate auto-enrollment policy configuration.</maml:para></maml:description><command:parameterValueGroup><command:parameterValue required="true" variableLength="false">Disabled</command:parameterValue><command:parameterValue required="true" variableLength="false">Enabled</command:parameterValue><command:parameterValue required="true" variableLength="false">NotConfigured</command:parameterValue></command:parameterValueGroup></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>context</maml:name><maml:description><maml:para>Specifies whether to set certificate auto-enrollment policy for the user or computer context.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Context</command:parameterValue><dev:type><maml:name>Context</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>EnableAll</maml:name><maml:description><maml:para>Enables all of the auto-enrollment policy settings and sets the value for the expiration percentage to 10 percent. If this parameter is enabled, then only the Context parameter is required and all other parameters are optional.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>EnableBalloonNotifications</maml:name><maml:description><maml:para>Enables the Expiration balloon notifications option for the certificate auto-enrollment policy.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>EnableMyStoreManagement</maml:name><maml:description><maml:para>Enables the Renew expired certificates, update pending certificates, and remove revoked certificates option for the certificate auto-enrollment policy.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>EnableTemplateCheck</maml:name><maml:description><maml:para>Verifies that existing certificates are based on the most recent version of a certificate template and updates them if they are not.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>ExpirationPercentage</maml:name><maml:description><maml:para>Sets the percentage of the certificate lifetime at which close-to-expiration events are logged and auto-enrollment notifications start to appear.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Int32</command:parameterValue><dev:type><maml:name>Int32</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>PolicyState</maml:name><maml:description><maml:para>Specifies the state of the certificate auto-enrollment policy configuration.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">PolicySetting</command:parameterValue><dev:type><maml:name>PolicySetting</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases=""><maml:name>StoreName</maml:name><maml:description><maml:para>Specifies additional comma separated certificate stores to monitor for certificates that have expired or are expiring. The MY store is always monitored.</maml:para></maml:description><command:parameterValue required="true" variableLength="true">String[]</command:parameterValue><dev:type><maml:name>String[]</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>Microsoft.CertificateServices.Commands.AutoEnrollmentPolicy</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The AutoEnrollmentPolicy object combines certificate auto-enrollment policy settings and exposes them as properties.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>Microsoft.CertificateServices.Commands.AutoEnrollmentPolicy</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The AutoEnrollmentPolicy object combines certificate auto-enrollment policy settings and exposes them as properties. Each property can be modified and piped into this cmdlet to be applied.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Set-CertificateAutoEnrollmentPolicy -PolicyState Enabled -EnableMyStoreManagement -EnableTemplateCheck -Context User </dev:code><dev:remarks><maml:para>This example enables local user certificate auto-enrollment policy with the Renew expired certificates, update pending certificates, and remove revoked certificates and Update certificates that use certificates templates options enabled.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 2</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Set-CertificateAutoEnrollmentPolicy -PolicyState NotConfigured -Context Machine </dev:code><dev:remarks><maml:para>This example sets local computer certificate auto-enrollment policy to Not Configured.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 3</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Set-CertificateAutoEnrollmentPolicy -ExpirationPercentage 15 -PolicyState Enabled -EnableExpirationNotification -Context Machine -StoreName "Remote Desktop" </dev:code><dev:remarks><maml:para>This example enables local computer certificate auto-enrollment policy with the Expiration notifications option enabled and set to 15 percent of the certificate lifetime. This cmdlet also configures the Remote Desktop certificate store as an additional store to be monitored for certificate expiration.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 4</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>The example in detail. PS C:\>Set-CertificateAutoEnrollmentPolicy -PolicyState Enabled -EnableMyStoreManagement -EnableTemplateCheck -EnableExpirationNotification -ExpirationPercentage 10 -Context User The concise version of the same example. PS C:\>Set-ACertificateutoEnrollmentPolicy -EnableAll -Context User </dev:code><dev:remarks><maml:para>This example performs the same task in two ways.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287539</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-CertificateAutoEnrollmentPolicy</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Switch-Certificate</command:name><maml:description><maml:para>Marks one certificate as having been replaced by another certificate.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Switch</command:verb><command:noun>Certificate</command:noun><dev:version /></command:details><maml:description><maml:para>The Switch-Certificate cmdlet marks one certificate as having been replaced by another certificate. This cmdlet triggers a replace certificate notification and optionally sets the renewal property on the certificate being replaced.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Switch-Certificate</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="1" aliases=""><maml:name>OldCert</maml:name><maml:description><maml:para>Specifies an X509 certificate or a certificate path in the certificate provider for the certificate to be replaced.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Certificate</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="2" aliases=""><maml:name>NewCert</maml:name><maml:description><maml:para>Specifies an X509 certificate or a certificate path for the certificate that replaces the certificate specified with the OldCert parameter.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Certificate</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>NotifyOnly</maml:name><maml:description><maml:para>Creates a replacement certificate notification without replacing the NewCert parameter with the OldCert parameter. This mode is useful when testing a script that was registered with the New-CertificateNotificationTask cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="2" aliases=""><maml:name>NewCert</maml:name><maml:description><maml:para>Specifies an X509 certificate or a certificate path for the certificate that replaces the certificate specified with the OldCert parameter.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Certificate</command:parameterValue><dev:type><maml:name>Certificate</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>NotifyOnly</maml:name><maml:description><maml:para>Creates a replacement certificate notification without replacing the NewCert parameter with the OldCert parameter. This mode is useful when testing a script that was registered with the New-CertificateNotificationTask cmdlet.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="1" aliases=""><maml:name>OldCert</maml:name><maml:description><maml:para>Specifies an X509 certificate or a certificate path in the certificate provider for the certificate to be replaced.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Certificate</command:parameterValue><dev:type><maml:name>Certificate</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>Confirm</maml:name><maml:description><maml:para>Prompts you for confirmation before running the cmdlet.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named"><maml:name>WhatIf</maml:name><maml:description><maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>Microsoft.CertificateServices.Commands.Certificate</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The Certificate object can either be provided as a Path object to a certificate or an X509Certificate2 object.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>None</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para></maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Switch-Certificate –OldCert cert:\LocalMachine\My\E42DBC3B3F2771990A9B3E35D0C3C422779DACD7 –NewCert cert:\LocalMachine\My\4A346B4385F139CA843912D358D765AB8DEE9FD4 </dev:code><dev:remarks><maml:para>This example sets the renewal property of the certificate with the thumbprint E42DBC3B3F2771990A9B3E35D0C3C422779DACD7 as renewed by the certificate with the thumbprint 4A346B4385F139CA843912D358D765AB8DEE9FD4 and generates a replace certificate notification.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 2</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code> PS C:\>Set-Location -Path cert:\LocalMachine\My PS C:\>$oldCert = (Get-ChildItem -Path E42DBC3B3F2771990A9B3E35D0C3C422779DACD7) PS C:\>$newCert = (Get-ChildItem -Path 4A346B4385F139CA843912D358D765AB8DEE9FD4) PS C:\>Switch-Certificate -OldCert $oldCert -NewCert $newCert –NotifyOnly </dev:code><dev:remarks><maml:para>This example locates two certificates in the machine MY store and assigns them the variables $oldCert and $newCert. This cmdlet then generates a replacement notification without changing a renewal property of the old certificate.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287540</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-ChildItem</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Set-Location</maml:linkText><maml:uri></maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-CertificateNotificationTask</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>New-CertificateNotificationTask</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Remove-CertificateNotificationTask</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Test-Certificate</command:name><maml:description><maml:para>Verifies a certificate according to the input parameters.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Test</command:verb><command:noun>Certificate</command:noun><dev:version /></command:details><maml:description><maml:para>The Test-Certificate cmdlet verifies a certificate according to input parameters. The revocation status of the certificate is verified by default. If the AllowUntrustedRoot parameter is specified, then a certificate chain is built but an untrusted root is allowed. Other errors are still verified against in this case, such as expired. If the DNSName parameter is used, then the DNS subject alternative name is used to verify SSL policy. If the EKU parameter is used, then the specified application policy object identifiers are used to verify the chain. If the User parameter is used, then the specified user context is used is to build and verify the chain.</maml:para><maml:para>Delegation may be required when using this cmdlet with Windows PowerShell® remoting and changing user configuration.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Test-Certificate</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByPropertyName)" position="1" aliases=""><maml:name>Cert</maml:name><maml:description><maml:para>Specifies the certificate to test. Either the certificate object or a path to the certificate in a certificate store can be specified.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Certificate</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>AllowUntrustedRoot</maml:name><maml:description><maml:para>Specifies whether the root certificate is required to be trusted in chain building. When this parameter is used, the certificate chain is built but an untrusted root is allowed. Other errors are still verified against in this case, such as expired. If this parameter is not specified, then revocation status is checked by default.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>DNSName</maml:name><maml:description><maml:para>Specifies the DNS name to verify as valid for the certificate. If this parameter is specified but not the Policy parameter, then the CERT_CHAIN_POLICY_SSL policy is applied and the DNS name is validated for the certificate. If a CERT_CHAIN_POLICY_SSL policy does not exist, then the cmdlet will fail. If this parameter is not used and the Policy parameter is not specified, the default CERT_CHAIN_POLICY_BASE policy is applied. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>EKU</maml:name><maml:description><maml:para>Specifies a list of enhanced key usage (EKU) object identifiers to verify for the certificate chain.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Policy</maml:name><maml:description><maml:para>Specifies the policies that will be applied to verify the certificate. The acceptable values for this parameter are: AUTHENTICODE, BASE, NTAUTH, and SSL. If this parameter is not specified, then the BASE policy is used.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">TestCertificatePolicy</command:parameterValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>User</maml:name><maml:description><maml:para>Specifies whether the user or machine context is used to test the certificate. If this parameter is not specified, then the machine context is used.</maml:para></maml:description></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>AllowUntrustedRoot</maml:name><maml:description><maml:para>Specifies whether the root certificate is required to be trusted in chain building. When this parameter is used, the certificate chain is built but an untrusted root is allowed. Other errors are still verified against in this case, such as expired. If this parameter is not specified, then revocation status is checked by default.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByPropertyName)" position="1" aliases=""><maml:name>Cert</maml:name><maml:description><maml:para>Specifies the certificate to test. Either the certificate object or a path to the certificate in a certificate store can be specified.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">Certificate</command:parameterValue><dev:type><maml:name>Certificate</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>DNSName</maml:name><maml:description><maml:para>Specifies the DNS name to verify as valid for the certificate. If this parameter is specified but not the Policy parameter, then the CERT_CHAIN_POLICY_SSL policy is applied and the DNS name is validated for the certificate. If a CERT_CHAIN_POLICY_SSL policy does not exist, then the cmdlet will fail. If this parameter is not used and the Policy parameter is not specified, the default CERT_CHAIN_POLICY_BASE policy is applied. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>EKU</maml:name><maml:description><maml:para>Specifies a list of enhanced key usage (EKU) object identifiers to verify for the certificate chain.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>Policy</maml:name><maml:description><maml:para>Specifies the policies that will be applied to verify the certificate. The acceptable values for this parameter are: AUTHENTICODE, BASE, NTAUTH, and SSL. If this parameter is not specified, then the BASE policy is used.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">TestCertificatePolicy</command:parameterValue><dev:type><maml:name>TestCertificatePolicy</maml:name><maml:uri /></dev:type><dev:defaultValue>BASE</dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>User</maml:name><maml:description><maml:para>Specifies whether the user or machine context is used to test the certificate. If this parameter is not specified, then the machine context is used.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>false</dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>Microsoft.CertificateServices.Commands.Certificate</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The Certificate object can either be provided as a Path object to a certificate or an X509Certificate2 object.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>System.Boolean</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>If the verification succeeds, then the return value is True; otherwise the return value is False.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>EXAMPLE 1</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Get-ChildItem -Path Cert:\localMachine\My | Test-Certificate -Policy SSL -DNSName "dns=contoso.com" </dev:code><dev:remarks><maml:para>This example verifies each certificate in the MY store of the local machine and verifies that it is valid for SSL with the DNS name specified.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>EXAMPLE 2</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Test-Certificate –Cert cert:\currentuser\my\191c46f680f08a9e6ef3f6783140f60a979c7d3b -AllowUntrustedRoot -EKU "1.3.6.1.5.5.7.3.1" –User </dev:code><dev:remarks><maml:para>This example verifies that the provided EKU is valid for the specified certificate and its chain. Revocation checking is not performed.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=287541</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-ChildItem</maml:linkText><maml:uri></maml:uri></maml:navigationLink></maml:relatedLinks></command:command> </helpItems> |