| Author | Chrissy LeMaire (@cl), netnerds.net |
| Availability | Windows, Linux, macOS |
Want to see the source code for this command? Check out New-DbaDbCertificate on GitHub.
Want to see the Bill Of Health for this command? Check out New-DbaDbCertificate.
Creates a new database certificate
Creates a new database certificate. If no database is specified, the certificate will be created in master.
New-DbaDbCertificate
[[-SqlInstance] <DbaInstanceParameter[]>]
[[-SqlCredential] <PSCredential>]
[[-Name] <String[]>]
[[-Database] <String[]>]
[[-Subject] <String[]>]
[[-StartDate] <DateTime>]
[[-ExpirationDate] <DateTime>]
[-ActiveForServiceBrokerDialog]
[[-SecurePassword] <SecureString>]
[[-InputObject] <Database[]>]
[-EnableException]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
PS C:\> New-DbaDbCertificate -SqlInstance Server1
You will be prompted to securely enter your password, then a certificate will be created in the master database on server1 if it does not exist.
PS C:\> New-DbaDbCertificate -SqlInstance Server1 -Database db1 -Confirm:$false
Suppresses all prompts to install but prompts to securely enter your password and creates a certificate in the 'db1' database
The target SQL Server instance or instances.
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value |
Login to the target instance using alternative credentials. Accepts PowerShell credentials (Get-Credential).
Windows Authentication, SQL Server Authentication, Active Directory - Password, and Active Directory - Integrated are all supported.
For MFA support, please use Connect-DbaInstance.
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value |
Optional name to create the certificate. Defaults to database name.
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value |
The database where the certificate will be created. Defaults to master.
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value | master |
Optional subject that will be used when creating all certificates
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value |
Optional start date that will be used when creating all certificates
By default, certs will start immediately
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value | (Get-Date) |
Optional expiration that will be used when creating all certificates
By default, certs will last 5 years
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value | $StartDate.AddYears(5) |
Microsoft has not provided a description so we can only assume the cert is active for service broker dialog
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value | False |
Optional password - if no password is supplied, the password will be protected by the master key
| Alias | Password |
| Required | False |
| Pipeline | false |
| Default Value |
Enables piping from Get-DbaDatabase
| Alias | |
| Required | False |
| Pipeline | true (ByValue) |
| Default Value |
By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message.
This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting.
Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch.
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value | False |
Shows what would happen if the command were to run. No actions are actually performed.
| Alias | wi |
| Required | False |
| Pipeline | false |
| Default Value |
Prompts you for confirmation before executing any changing operations within the command.
| Alias | cf |
| Required | False |
| Pipeline | false |
| Default Value |