Topic Last Modified: 2013-03-07
Enables you to assign a certificate to a Lync Server server or server role. This cmdlet was introduced in Lync Server 2010.
Syntax
Set-CsCertificate -Reference <CertificateReference>
-Type <CertType[]> [-Identity <XdsIdentity>] <COMMON
PARAMETERS>
|
Set-CsCertificate -Identity <XdsIdentity> -Path
<String> -Type <CertType[]> [-Password <String>]
<COMMON PARAMETERS>
|
Set-CsCertificate -Thumbprint <String> -Type
<CertType[]> [-Identity <XdsIdentity>] <COMMON
PARAMETERS>
|
COMMON PARAMETERS: [-Confirm [<SwitchParameter>]]
[-EffectiveDate <DateTime>] [-Force <SwitchParameter>]
[-Report <String>] [-Roll <SwitchParameter>] [-WhatIf
[<SwitchParameter>]]
|
Examples
EXAMPLE 1
The command shown in Example 1 assigns the certificate with the Thumbprint B142918E463981A76503828BB1278391B716280987B to the WebServicesExternal role on the local computer.
Copy Code | |
---|---|
Set-CsCertificate -Type WebServicesExternal -Thumbprint "B142918E463981A76503828BB1278391B716280987B" |
EXAMPLE 2
Example 2 assigns the assigns the certificate with the Thumbprint B142918E463981A76503828BB1278391B716280987B to three different roles on the local computer: Default, WebServicesInternal, and WebServicesExternal.
Copy Code | |
---|---|
Set-CsCertificate -Type Default, WebServicesInternal, WebServicesExternal -Thumbprint "B142918E463981A76503828BB1278391B716280987B" |
Detailed Description
Lync Server uses certificates as a way for servers and server roles to verify their identities; for example, an Edge Server uses certificates to verify that the computer it is communicating with really is a Front End Server and vice versa. In order to fully implement Lync Server, you will need to have the appropriate certificates assigned to the appropriate server roles.
The Set-CsCertificate cmdlet enables administrators to assign a certificate to a server or server role. Note that you can only assign certificates that have already been configured for use with Lync Server. To identify certificates available for assignment, use the Get-CsCertificate cmdlet.
Who can run this cmdlet: You must be a local administrator in order to run the Set-CsCertificate cmdlet locally. To return a list of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have created yourself), run the following command from the Windows PowerShell prompt:
Get-CsAdminRole | Where-Object {$_.Cmdlets –match "Set-CsCertificate"}
Parameters
Parameter | Required | Type | Description |
---|---|---|---|
Identity |
Required |
Microsoft.Rtc.Management.Xds.XdsIdentity |
When set to Global, enables the certificate to function at the global scope. Global certificates will automatically be copied and distributed to the appropriate computers. |
Path |
Required |
System.String |
Full path to the .PFX certificate file. |
Reference |
Required |
Microsoft.Rtc.Management.Deployment.CertificateReference |
Object reference to a certificate configured for use with Lync Server. The following command returns an object reference (the variable $x) representing a certificate with the thumbprint B142918E463981A76503828BB1278391B716280987B: $x = Get-CsCertificate | Where-Object {$_.Thumbprint –eq "B142918E463981A76503828BB1278391B716280987B". |
Thumbprint |
Required |
System.String |
Unique identifier for the certificate. A certificate thumbprint looks similar to this: B142918E463981A76503828BB1278391B716280987B. |
Type |
Required |
Microsoft.Rtc.Management.Deployment.CertType[] |
Type of certificate being assigned. Certificate types include, but are not limited to, the following: AccessEdgeExternal AudioVideoAuthentication DataEdgeExternal Default External Internal iPhoneAPNService iPadAPNService MPNService PICWebService (Microsoft Lync Online 2010 only) ProvisionService (Microsoft Lync Online 2010 only) WebServicesExternal WebServicesInternal WsFedTokenTransfer For example, this syntax assigns the Default certificate: -Type Default. You can specify multiple types in a single command by separating the certificate types with commas: -Type Internal,External,Default |
Confirm |
Optional |
System.Management.Automation.SwitchParameter |
Prompts you for confirmation before executing the command. |
EffectiveDate |
Optional |
System.DateTime |
Date and time when the certificate can first be used. For example, to configure a certificate for first use at 8:00 AM on July 31, 2012 use this syntax on a server running under the US English Region and Language settings: -EffectiveTime "7/31/2012 8:00 AM" |
Force |
Optional |
System.Management.Automation.SwitchParameter |
Suppresses the display of any non-fatal error message that might arise when running the command. |
Password |
Optional |
System.String |
Password for the certificate. |
Report |
Optional |
System.String |
Enables you to record detailed information about the procedures carried out by the Set-CsCertificate cmdlet. The parameter value should be the full path to the HTML file to be generated; for example: -Report C:\Logs\Certificates.html. If the specified file already exists it will automatically be overwritten with the new information. |
Roll |
Optional |
System.Management.Automation.SwitchParameter |
Enables you to update the specified certificate at the date and time specified by the EffectiveDate parameter; this enables you to specify a date and time when the new certificate will become the primary certificate. Note that your command will fail if you specify the Roll parameter without including the EffectiveDate parameter. |
WhatIf |
Optional |
System.Management.Automation.SwitchParameter |
Describes what would happen if you executed the command without actually executing the command. |
Input Types
Microsoft.Rtc.Management.Deployment.CertificateReference.
Return Types
The Set-CsCertificate cmdlet does not return any values or objects.