commands

^

Add-DbaComputerCertificate

Author Chrissy LeMaire (@cl), netnerds.net
Availability Windows, Linux, macOS

 

Want to see the source code for this command? Check out Add-DbaComputerCertificate on GitHub.
Want to see the Bill Of Health for this command? Check out Add-DbaComputerCertificate.

Synopsis

Adds a computer certificate - useful for older systems.

Description

Adds a computer certificate from a local or remote computer.

Syntax

Add-DbaComputerCertificate
    [[-ComputerName] <DbaInstanceParameter[]>]
    [[-Credential] <PSCredential>]
    [[-SecurePassword] <SecureString>]
    [[-Certificate] <X509Certificate2[]>]
    [[-Path] <String>]
    [[-Store] <String>]
    [[-Folder] <String>]
    [[-Flag] <String[]>]
    [-EnableException]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

 

Examples

 

Example: 1
PS C:\> Add-DbaComputerCertificate -ComputerName Server1 -Path C:\temp\cert.cer

Adds the local C:\temp\cert.cer to the remote server Server1 in LocalMachine\My (Personal).

Example: 2
PS C:\> Add-DbaComputerCertificate -Path C:\temp\cert.cer

Adds the local C:\temp\cert.cer to the local computer's LocalMachine\My (Personal) certificate store.

Example: 3
PS C:\> Add-DbaComputerCertificate -Path C:\temp\cert.cer

Adds the local C:\temp\cert.cer to the local computer's LocalMachine\My (Personal) certificate store.

Example: 4
PS C:\> Add-DbaComputerCertificate -ComputerName sql01 -Path C:\temp\sql01.pfx -Confirm:$false -Flag NonExportable

Adds the local C:\temp\sql01.pfx to sql01's LocalMachine\My (Personal) certificate store and marks the private key as non-exportable. Skips confirmation prompt.

Optional Parameters

-ComputerName

The target SQL Server instance or instances. Defaults to localhost.

Alias
Required False
Pipeline false
Default Value $env:COMPUTERNAME
-Credential

Allows you to login to $ComputerName using alternative credentials.

Alias
Required False
Pipeline false
Default Value
-SecurePassword

The password for the certificate, if it is password protected.

Alias Password
Required False
Pipeline false
Default Value
-Certificate

The target certificate object.

Alias
Required False
Pipeline true (ByValue)
Default Value
-Path

The local path to the target certificate object.

Alias
Required False
Pipeline false
Default Value
-Store

Certificate store. Default is LocalMachine.

Alias
Required False
Pipeline false
Default Value LocalMachine
-Folder

Certificate folder. Default is My (Personal).

Alias
Required False
Pipeline false
Default Value My
-Flag

Defines where and how to import the private key of an X.509 certificate.
Defaults to: Exportable, PersistKeySet
EphemeralKeySet
The key associated with a PFX file is created in memory and not persisted on disk when importing a certificate.
Exportable
Imported keys are marked as exportable.
NonExportable
Expliictly mark keys as nonexportable.
PersistKeySet
The key associated with a PFX file is persisted when importing a certificate.
UserProtected
Notify the user through a dialog box or other method that the key is accessed. The Cryptographic Service Provider (CSP) in use defines the precise behavior. NOTE: This can only be used when you
add a certificate to localhost, as it causes a prompt to appear.

Alias
Required False
Pipeline false
Default Value @("Exportable", "PersistKeySet")
Accepted Values EphemeralKeySet,Exportable,PersistKeySet,UserProtected,NonExportable
-EnableException

By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message.
This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting.
Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch.

Alias
Required False
Pipeline false
Default Value False
-WhatIf

If this switch is enabled, no actions are performed but informational messages will be displayed that explain what would happen if the command were to run.

Alias wi
Required False
Pipeline false
Default Value
-Confirm

If this switch is enabled, you will be prompted for confirmation before executing any operations that change state.

Alias cf
Required False
Pipeline false
Default Value