Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

Disable-TlsSessionTicketKey

Windows Server 2012 R2 and Windows 8.1

Updated: October 17, 2013

Applies To: Windows 8.1, Windows PowerShell 4.0, Windows Server 2012 R2

Disable-TlsSessionTicketKey

Disables a TLS session ticket key.

Syntax

Parameter Set: Default
Disable-TlsSessionTicketKey [-ServiceAccountName] <NTAccount> [-Confirm] [-WhatIf] [ <CommonParameters>]




Detailed Description

The Disable-TlsSessionTicketKey cmdlet disables an administrator managed Transport Layer Security (TLS) session ticket key for the service account. The cmdlet disables the key for the TLS session by deleting the key and the corresponding rule that uses the key.

When you disable a TLS session ticket key for the service account, the service account cannot decrypt existing TLS session tickets. Disabling the TLS session ticket key can affect the performance of the TLS server. The TLS server cannot create new session tickets and must negotiate session information between the client and the server every time the client connects to the TLS server.

TLS creates a session ticket by using the Transport Layer Security (TLS) Session Resumption without Server-Side State mechanism [RFC 5077]. This mechanism helps to improve the performance of TLS. The TLS server uses this mechanism to create a key to encrypt a session ticket. The client can later use the encrypted session ticket to resume communication with the TLS server. Otherwise, the client must restart the communication by acquiring a new session ticket. For more information, see RFC 5077, "Transport Layer Security (TLS) Session Resumption without Server-Side State."

Parameters

-ServiceAccountName<NTAccount>

Specifies the name of a service account. The cmdlet disables the TLS session ticket key for the service account.


Aliases

none

Required?

true

Position?

1

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-Confirm

Prompts you for confirmation before running the cmdlet.


Required?

false

Position?

named

Default Value

false

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.


Required?

false

Position?

named

Default Value

false

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

<CommonParameters>

This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see    about_CommonParameters.

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

Outputs

The output type is the type of the objects that the cmdlet emits.

Examples

Example 1: Disable a TLS session ticket key.

This command disables the TLS session ticket key for the service account named Networkservice.


PS C:\> Disable-TlsSessionTicketKey -ServiceAccountName "Networkservice"

Related topics

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.