commands

^

New-DbaComputerCertificateSigningRequest

Author Chrissy LeMaire (@cl), netnerds.net
Availability Windows only

 

Synopsis

Creates a new computer certificate signing request. Useful for offline servers and Forcing Encryption.

Description

Creates a new computer certificate signing request that is compatible with SQL Server.

By default, a key with a length of 1024 and a friendly name of the machines FQDN is generated.

Syntax

New-DbaComputerCertificateSigningRequest
    [[-ComputerName] <DbaInstanceParameter[]>]
    [[-Credential] <PSCredential>]
    [[-ClusterInstanceName] <String>]
    [[-Path] <String>]
    [[-FriendlyName] <String>]
    [[-KeyLength] <Int32>]
    [[-Dns] <String[]>]
    [-EnableException]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

 

Examples

 

Example: 1
PS C:\> New-DbaComputerCertificate

Creates a computer certificate signing request for the local machine with the keylength of 1024.

Example: 2
PS C:\> New-DbaComputerCertificate -ComputerName Server1

Creates a computer certificate signing request for server1 with the keylength of 1024.

Example: 3
PS C:\> New-DbaComputerCertificate -ComputerName sqla, sqlb -ClusterInstanceName sqlcluster -KeyLength 4096

Creates a computer certificate signing request for sqlcluster with the keylength of 4096.

Example: 4
PS C:\> New-DbaComputerCertificate -ComputerName Server1 -WhatIf

Shows what would happen if the command were run

Optional Parameters

-ComputerName

The target SQL Server instance or instances. Defaults to localhost. If target is a cluster, you must also specify ClusterInstanceName (see below)

Alias
Required False
Pipeline true (ByValue)
Default Value $env:COMPUTERNAME
-Credential

Allows you to login to $ComputerName using alternative credentials.

Alias
Required False
Pipeline false
Default Value
-ClusterInstanceName

When creating certs for a cluster, use this parameter to create the certificate for the cluster node name. Use ComputerName for each of the nodes.

Alias
Required False
Pipeline false
Default Value
-Path

The folder to export to.

Alias
Required False
Pipeline false
Default Value (Get-DbatoolsConfigValue -FullName 'Path.DbatoolsExport')
-FriendlyName

The FriendlyName listed in the certificate. This defaults to the FQDN of the $ComputerName

Alias
Required False
Pipeline false
Default Value SQL Server
-KeyLength

The length of the key - defaults to 1024

Alias
Required False
Pipeline false
Default Value 1024
-Dns

Specify the Dns entries listed in SAN. By default, it will be ComputerName + FQDN, or in the case of clusters, clustername + cluster FQDN.

Alias
Required False
Pipeline false
Default Value
-EnableException

By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message. This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting. Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch.

Alias
Required False
Pipeline false
Default Value False
-WhatIf

Shows what would happen if the command were to run. No actions are actually performed.

Alias wi
Required False
Pipeline false
Default Value
-Confirm

Prompts you for confirmation before executing any changing operations within the command.

Alias cf
Required False
Pipeline false
Default Value

 

Want to see the source code for this command? Check out New-DbaComputerCertificateSigningRequest on GitHub.
Want to see the Bill Of Health for this command? Check out New-DbaComputerCertificateSigningRequest.