Update-ADFSCertificate
Update-ADFSCertificate
Updates the certificates of the Federation Service.
Syntax
Update-ADFSCertificate [-CertificateType <string>] [-Urgent <Boolean>] [<CommonParameters>]
CertificateType
Urgent
Detailed Description
The Update-ADFSCertificate cmdlet creates new certificates for the Federation Service. When automatic certificate rollover is enabled and Active Directory Federation Services (AD FS) 2.0 is managing the certificates that are used for signing, this update cmdlet can be used to initiate a rollover.
Parameters
CertificateType
Indicates the type of certificate to rollover. Valid types include Token-Encryption and Token-Signing.
Default Value: **
Data Type: string
Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
false |
required |
Variable Length? |
false |
variableLength |
Accept wildcard characters? |
false |
globbing |
Accept Pipeline Input? |
false |
pipelineInput |
Position? |
named |
position |
Value Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
true |
required |
Variable Length? |
false |
variableLength |
Urgent
Specifies that the certificate rollover should happen immediately. An urgent rollover removes older certificates immediately. It might result in a service outage as trusts update to use the new certificates.
Default Value: **
Data Type: Boolean
Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
false |
required |
Variable Length? |
false |
variableLength |
Accept wildcard characters? |
false |
globbing |
Accept Pipeline Input? |
false |
pipelineInput |
Position? |
named |
position |
Value Attributes
Name | Value | PSMAML Attribute |
---|---|---|
Required? |
true |
required |
Variable Length? |
false |
variableLength |
Input Type
None
Return Type
None
Notes
- The Urgent parameter option is useful for emergency rollover situations in which a key might be compromised.
Examples
-------------------------- EXAMPLE 1 --------------------------
Command Prompt: C:\PS>
Update-ADFSCertificate -CertificateType Token-Signing
Description
-----------
Updates the token-signing certificate.
See Also
Reference
Add-ADFSCertificate
Remove-ADFSCertificate