Update-AdfsCertificate
Updates the certificates of AD FS.
Syntax
Default (Default)
Update-AdfsCertificate
[[-CertificateType] <String>]
[-Urgent]
[-PassThru]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The Update-AdfsCertificate cmdlet creates new certificates for Active Directory Federation Services (AD FS). When automatic certificate rollover is enabled and AD FS is managing the certificates that are used for signing, this update cmdlet can be used to initiate a rollover.
Examples
Example 1: Update a token-signing certificate
PS C:\> Update-AdfsCertificate -CertificateType "Token-Signing"
This command updates the token-signing certificate.
Parameters
-CertificateType
Specifies the type of certificate to rollover. The acceptable values for this parameter are:
- Token-Decrypting
- Token-Signing
Parameter properties
| Type: | String |
| Default value: | None |
| Accepted values: | Token-Decrypting, Token-Signing |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | 0 |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-PassThru
Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Urgent
Indicates that the certificate rollover should happen immediately. An urgent rollover removes older certificates immediately. It might result in a service outage as trusts update to use the new certificates.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
None
Outputs
Microsoft.IdentityServer.PowerShell.Resources.ServiceCertificate
Returns the updated ServiceCertificate object when the PassThru parameter is specified. By default, this cmdlet does not generate any output.
Notes
- The Urgent parameter option is useful for emergency rollover situations in which a key might be compromised.