See Also
Topic Last Modified: 2013-03-06
Imports a certificate for use with Lync Server. If a certificate is not acquired by using the Request-CsCertificate cmdlet, then that certificate must be imported before it can be assigned to a Lync Server server role. This cmdlet was introduced in Lync Server 2010.
Syntax
Import-CsCertificate -Identity <XdsIdentity> -Type
<CertType[]> <COMMON PARAMETERS>
|
Import-CsCertificate [-PrivateKeyExportable <$true |
$false>] <COMMON PARAMETERS>
|
COMMON PARAMETERS: -Path <String> [-Confirm
[<SwitchParameter>]] [-EffectiveDate <DateTime>]
[-Force <SwitchParameter>] [-Password <String>]
[-Report <String>] [-Roll <SwitchParameter>] [-WhatIf
[<SwitchParameter>]]
|
Examples
EXAMPLE 1
The command shown in Example 1 imports the certificate C:\Certificates\WebServer.pfx. After the command completes, the certificate will be available to be assigned to a server role.
 Copy Code |
|
|---|---|
Import-CsCertificate -Path "C:\Certificates\WebServer.pfx" -PrivateKeyExportable $True |
|
Detailed Description
Lync Server uses certificates as a way for servers and server roles to verify their identities; for example, an Edge Server uses certificates to verify that the computer it is communicating with really is a Front End Server and vice versa. In order to fully implement Lync Server you will need to have the appropriate certificates assigned to the appropriate server roles.
In order for certificates to be assigned to a Lync Server role those certificates must be made known to Lync Server. The Request-CsCertificate cmdlet enables you to make both online and offline requests for new certificates. If an online request is made, the certificate will automatically be downloaded and saved in the local certificate store; equally important, it will be immediately available for use by Lync Server. If an offline request is made, a certificate file will be sent to you. At that point, you can use the Import-CsCertificate cmdlet to import the certificate, a process that makes the certificate available for assignment to a Lync Server server role.
Who can run this cmdlet: You must be a local administrator in order to run the Import-CsCertificate cmdlet locally. To return a list of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have created yourself), run the following command from the Windows PowerShell prompt:
Get-CsAdminRole | Where-Object {$_.Cmdlets –match "Import-CsCertificate"}
Parameters
| Parameter | Required | Type | Description |
|---|---|---|---|
|
Identity |
Required |
Microsoft.Rtc.Management.Xds.XdsIdentity |
When set to Global, enables the certificate to function at the global scope. Global certificates will automatically be copied and distributed to the appropriate computers. |
|
Path |
Required |
System.String |
Full path to the certificate file to be imported. For example: –Path "C:\Certificates\WebServer.cer". |
|
Type |
Required |
Microsoft.Rtc.Management.Deployment.CertType[] |
Type of certificate being requested. Certificate types include, but are not limited to, the following: * AccessEdgeExternal * AudioVideoAuthentication * DataEdgeExternal * Default * External * Internal * iPadAPNService * iPhoneAPNService * LogRetentionService * MPNService * OAuthTokenIssuer * PICWebService * ProvisionService * SMPDNSWebService * TenantAdmin * UpgradeEngineService * WebServicesExternal * WebServicesInternal * WsFedTokenTransfer * XMPPServer |
|
Confirm |
Optional |
System.Management.Automation.SwitchParameter |
Prompts you for confirmation before executing the command. |
|
EffectiveDate |
Optional |
System.DateTime |
Date and time when the certificate can first be used. For example, to configure a certificate for first use at 8:00 AM on July 31, 2012 use this syntax on a server running under the US English Region and Language settings: -EffectiveTime "7/31/2012 8:00 AM" |
|
Force |
Optional |
System.Management.Automation.SwitchParameter |
Suppresses the display of any non-fatal error message that might occur when running the command. |
|
Password |
Optional |
System.String |
Password associated with the certificate file. |
|
PrivateKeyExportable |
Optional |
System.Boolean |
When set to True, ensures that the private key portion of the certificate can be read by the Network Service account. |
|
Report |
Optional |
System.String |
Enables you to specify a file path for the log file created when the cmdlet runs. For example: -Report "C:\Logs\Certificates.html" |
|
Roll |
Optional |
System.Management.Automation.SwitchParameter |
Enables you to update the specified certificate at the date and time specified by the EffectiveDate parameter; this enables you to specify a date and time when the new certificate will become the primary certificate. Note that your command will fail if you specify the Roll parameter without including the EffectiveDate parameter. |
|
WhatIf |
Optional |
System.Management.Automation.SwitchParameter |
Describes what would happen if you executed the command without actually executing the command. |
Input Types
None. The Import-CsCertificate cmdlet does not accept pipelined input.
Return Types
None.
