Set-DHASCertificate
Syntax
Set-DHASCertificateChainPolicy
[-CertificateChainPolicy] <CertificateChainPolicy>
[-Force]
[-WhatIf]
[-Confirm]
[<CommonParameters>]Set-DHASCertificateChainPolicy
-RevocationFlag <String>
-RevocationMode <String>
-VerificationFlags <String>
-UrlRetrievalTimeout <String>
[-Force]
[-WhatIf]
[-Confirm]
[<CommonParameters>]Description
The Set-DHASCertificateChainPolicy cmdlet sets the certificate chain policy that the Device Health Attestation service enforces. The certificate chain policy specifies parameters for certificate chain verification and revocation behavior.
You can specify a CertificateChainPolicy object to use as input, or alternatively, you can specify the components that comprise a CertificateChainPolicy . The components to specify as input are:
- RevocationFlag.
- RevocationMode.
- VerificationFlags.
- UrlRetrievalTimeout.
You must have administrator rights to run this cmdlets.
Examples
Example 1: Set certificate chain policy with a CertificateChainPolicy object
PS C:\> $policy = Get-DHASCertificateChainPolicy
PS C:\> $policy.RevocationFlag = "ExcludeRoot"
PS C:\> Set-DHASCertificateChainPolicy -CertificateChainPolicy $policyThe first command gets the CertificateChainPolicy object, and then stores it in the $policy variable.
The second command sets the RevocationFlag property of the policy to ExcludeRoot.
The third command sets the policy to include the new value for RevocationFlag.
Example 2: Set certificate chain policy with its components
PS C:\> Set-DHASCertificateChainPolicy -RevocationFlag "ExcludeRoot" -RevocationMode "NoCheck" -VerificationFlags "NoFlag" -UrlRetrievalTimeout "00:01:00"This command modifies the certificate chain policy by specifying a value for each of its components.
Required Parameters
Specifies the certificate chain policy to use.
| Type: | CertificateChainPolicy |
| Position: | 0 |
| Default value: | None |
| Accept pipeline input: | True (ByValue) |
| Accept wildcard characters: | False |
Specifies a .NET X509RevocationFlag enumeration .
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies a .NET X509RevocationMode enumeration .
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies a .NET TimeSpan structure .
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies a .NET X509VerificationFlags enumeration .
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Optional Parameters
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Forces the command to run without asking for user confirmation.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
CertificateChainPolicy