Update-ADFSCertificate

Update-ADFSCertificate

Updates the certificates of the Federation Service.

Syntax

Update-ADFSCertificate [-CertificateType <string>] [-Urgent <Boolean>] [<CommonParameters>]
  • CertificateType

  • Urgent

Detailed Description

The Update-ADFSCertificate cmdlet creates new certificates for the Federation Service. When automatic certificate rollover is enabled and Active Directory Federation Services (AD FS) 2.0 is managing the certificates that are used for signing, this update cmdlet can be used to initiate a rollover.

Parameters

CertificateType

Indicates the type of certificate to rollover. Valid types include Token-Encryption and Token-Signing.

Default Value: **

Data Type: string

Attributes

Name Value PSMAML Attribute

Required?

false

required

Variable Length?

false

variableLength

Accept wildcard characters?

false

globbing

Accept Pipeline Input?

false

pipelineInput

Position?

named

position

Value Attributes

Name Value PSMAML Attribute

Required?

true

required

Variable Length?

false

variableLength

Urgent

Specifies that the certificate rollover should happen immediately. An urgent rollover removes older certificates immediately. It might result in a service outage as trusts update to use the new certificates.

Default Value: **

Data Type: Boolean

Attributes

Name Value PSMAML Attribute

Required?

false

required

Variable Length?

false

variableLength

Accept wildcard characters?

false

globbing

Accept Pipeline Input?

false

pipelineInput

Position?

named

position

Value Attributes

Name Value PSMAML Attribute

Required?

true

required

Variable Length?

false

variableLength

Input Type

None

Return Type

None

Notes

  • The Urgent parameter option is useful for emergency rollover situations in which a key might be compromised.

Examples

-------------------------- EXAMPLE 1 --------------------------

Command Prompt: C:\PS>

 
Update-ADFSCertificate -CertificateType Token-Signing                        

Description

-----------

Updates the token-signing certificate.

See Also

Reference

Add-ADFSCertificate
Remove-ADFSCertificate

Other Resources

Online version: