Export (0) Print
Expand All

Get-TpmEndorsementKeyInfo

Windows Server 2012 R2 and Windows 8.1

Updated: October 17, 2013

Applies To: Windows 8.1, Windows PowerShell 4.0, Windows Server 2012 R2

Get-TpmEndorsementKeyInfo

Gets information about the endorsement key and certificates of the TPM.

Syntax

Parameter Set: Default
Get-TpmEndorsementKeyInfo [[-HashAlgorithm] <String> ] [ <CommonParameters>]




Detailed Description

The Get-TpmEndorsementKeyInfo cmdlet gets information about the endorsement public key and certificates of the Trusted Platform Module (TPM).

Parameters

-HashAlgorithm<String>

Specifies the hash algorithm used for the public key. The acceptable values for this parameter are:  Sha256.


Aliases

none

Required?

false

Position?

2

Default Value

none

Accept Pipeline Input?

True (ByValue)

Accept Wildcard Characters?

false

<CommonParameters>

This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see    about_CommonParameters.

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

  • String

    This accepts the name of the algorithm, as a string, used to hash the public key. Sha256 is the only supported algorithm.


Outputs

The output type is the type of the objects that the cmdlet emits.

  • EndorsementKeyObject

    This cmdlet generates an EndorsementKeyObject that contains the following members:

    -- IsPresent. A Boolean that represents whether the endorsement public key is known to the operating system.
    -- PublicKey. An AsnEncodedData object that contains the asn.1 encoded public portion of the endorsement key.
    -- PublicKeyHash. The hash, as a String, of the public key if the cmdlet used a hash algorithm.
    -- ManufacturerCertificates. A X509Certificate2Collection object that contains the manufacturer endorsement key certificates. This object can contain the manufacturer and platform certificates.
    -- AdditionalCertificates. A X509Certificate2Collection object that contains a collection of additional endorsement key certificates that are registered to the operating system, such as any enterprise certificates.


Examples

Example 1: Get endorsement key information

This command gets information about the endorsement key of the TPM. The command uses the Sha256 algorithm to hash the public key.


PS C:\> Get-TpmEndorsementKeyInfo -Hash "Sha256"
IsPresent                : True
PublicKey : System.Security.Cryptography.AsnEncodedData
PublicKeyHash : 70769c52b6e24ef683693c2a0208da68d77e94192e1f4080ae7c9b97c6caa681
ManufacturerCertificates : {[Subject]
OID.2.23.133.2.3=1.2,
OID.2.23.133.2.2=C4T8SOX3.5,
OID.2.23.133.2.1=id:782F345A

[Issuer]
CN=Contoso TPM CA1, OU=Contoso
Certification Authority, O=Contoso, C=KR

[Serial Number]
77A120A

[Not Before]
6/4/2012 6:35:58 PM

[Not After]
6/4/2022 6:35:57 PM

[Thumbprint]
77378D1480AB48FEA2D4E610B2C7EEF648FEA2
}
AdditionalCertificates : {}

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft