Topic Last Modified: 2010-10-01

Imports a certificate for use with Microsoft Lync Server 2010. If a certificate is not acquired by using the Request-CsCertificate cmdlet, then that certificate must be imported before it can be assigned to a Lync Server 2010 server role.


Import-CsCertificate -Path <String> [-Confirm [<SwitchParameter>]] [-Force <SwitchParameter>] [-Password <String>] [-PrivateKeyExportable <$true | $false>] [-Report <String>] [-WhatIf [<SwitchParameter>]]


Parameter Required Type Description




Full path to the certificate file to be imported. For example: –Path "C:\Certificates\WebServer.cer".




Password associated with the certificate file.




When set to True, ensures that the private key portion of the certificate can be read by the Network Service account.



Switch Parameter

Suppresses the display of any non-fatal error message that might occur when running the command.




Enables you to specify a file path for the log file created when the cmdlet runs. For example: -Report "C:\Logs\Certificates.html"



Switch Parameter

Describes what would happen if you executed the command without actually executing the command.



Switch Parameter

Prompts you for confirmation before executing the command.

Detailed Description

Lync Server 2010 uses certificates as a way for servers and server roles to verify their identities; for example, an Edge Server uses certificates to verify that the computer it is communicating with really is a Front End Server and vice versa. In order to fully implement Lync Server you will need to have the appropriate certificates assigned to the appropriate server roles.

In order for certificates to be assigned to a Lync Server role those certificates must be made known to Lync Server. The Request-CsCertificate cmdlet enables you to make both online and offline requests for new certificates. If an online request is made, the certificate will automatically be downloaded and saved in the local certificate store; equally important, it will be immediately available for use by Lync Server 2010. If an offline request is made, a certificate file will be sent to you. At that point, you can use Import-CsCertificate to import the certificate, a process that makes the certificate available for assignment to a Lync Server server role.

Who can run this cmdlet: You must be a local administrator in order to run the Import-CsCertificate cmdlet locally. To return a list of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have created yourself), run the following command from the Windows PowerShell prompt:

Get-CsAdminRole | Where-Object {$_.Cmdlets –match "Import-CsCertificate"}

Input Types

None. Import-CsCertificate does not accept pipelined input.

Return Types



-------------------------- Example 1 ------------------------

Copy Code
Import-CsCertificate -Path "C:\Certificates\WebServer.cer" -PrivateKeyExportable $True

The command shown in Example 1 imports the certificate C:\Certificates\WebServer.cer. After the command completes, the certificate will be available to be assigned to a server role.

See Also