
New-AzureKeyVaultCertificatePolicy

Tue Jan 29, 2019 9:50 pm

NAME New-AzureKeyVaultCertificatePolicy



SYNOPSIS

Creates an in-memory certificate policy object.





SYNTAX

New-AzureKeyVaultCertificatePolicy [-IssuerName] <String> [-DnsName] <System.Collections.Generic.List`1[System.String]>
[[-SubjectName] <String>] [-CertificateType <String>] [-DefaultProfile <IAzureContextContainer>] [-Disabled]
[-Ekus <System.Collections.Generic.List`1[System.String]>] [-EmailAtNumberOfDaysBeforeExpiry <Int32>]
[-EmailAtPercentageLifetime <Int32>] [-KeyNotExportable] [-KeyType {RSA | RSA-HSM}]
[-KeyUsage <System.Collections.Generic.List`1[System.String]>] [-RenewAtNumberOfDaysBeforeExpiry <Int32>]
[-RenewAtPercentageLifetime <Int32>] [-ReuseKeyOnRenewal]
[-SecretContentType {application/x-pkcs12 | application/x-pem-file}] [-ValidityInMonths <Int32>] [-Confirm] [-WhatIf]
[<CommonParameters>]



New-AzureKeyVaultCertificatePolicy [-IssuerName] <String> [-SubjectName] <String> [-CertificateType <String>]
[-DefaultProfile <IAzureContextContainer>] [-Disabled] [-Ekus <System.Collections.Generic.List`1[System.String]>]
[-EmailAtNumberOfDaysBeforeExpiry <Int32>] [-EmailAtPercentageLifetime <Int32>] [-KeyNotExportable]
[-KeyType {RSA | RSA-HSM}] [-KeyUsage <System.Collections.Generic.List`1[System.String]>]
[-RenewAtNumberOfDaysBeforeExpiry <Int32>] [-RenewAtPercentageLifetime <Int32>] [-ReuseKeyOnRenewal]
[-SecretContentType {application/x-pkcs12 | application/x-pem-file}] [-ValidityInMonths <Int32>] [-Confirm] [-WhatIf]
[<CommonParameters>]





DESCRIPTION

The New-AzureKeyVaultCertificatePolicy cmdlet creates an in-memory certificate policy object for Azure Key Vault.





PARAMETERS

-CertificateType <String>

Specifies the type of certificate to request from the issuer.



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-DefaultProfile <IAzureContextContainer>

The credentials, account, tenant, and subscription used for communication with Azure.



Required? false

Position? named

Default value None

Accept pipeline input? False

Accept wildcard characters? false



-Disabled [<SwitchParameter>]

Indicates that the certificate policy is disabled.



Required? false

Position? named

Default value False

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-DnsName <System.Collections.Generic.List`1[System.String]>

Specifies the DNS names in the certificate.



Required? true

Position? 1

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-Ekus <System.Collections.Generic.List`1[System.String]>

Specifies the enhanced key usages (EKUs) in the certificate.



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-EmailAtNumberOfDaysBeforeExpiry <Int32>

Specifies how many days before expiry the automatic notification process begins.



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-EmailAtPercentageLifetime <Int32>

Specifies the percentage of the lifetime after which the automatic process for the notification begins.



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-IssuerName <String>

Specifies the name of the issuer for the certificate.



Required? true

Position? 0

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-KeyNotExportable [<SwitchParameter>]

Indicates that the key is not exportable.



Required? false

Position? named

Default value False

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-KeyType <String>

Specifies the key type of the key that backs the certificate. The acceptable values for this parameter are:



- RSA



- RSA-HSM



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-KeyUsage <System.Collections.Generic.List`1[System.String]>

Specifies the key usages in the certificate.



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-RenewAtNumberOfDaysBeforeExpiry <Int32>

Specifies the number of days before expiry after which the automatic process for certificate renewal begins.



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-RenewAtPercentageLifetime <Int32>

Specifies the percentage of the lifetime after which the automatic process for certificate renewal begins.



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-ReuseKeyOnRenewal [<SwitchParameter>]

Indicates that the certificate reuses the key during renewal.



Required? false

Position? named

Default value False

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-SecretContentType <String>

Specifies the content type of the new key vault secret. The acceptable values for this parameter are:



- application/x-pkcs12



- application/x-pem-file



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-SubjectName <String>

Specifies the subject name of the certificate.



Required? true

Position? 1

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-ValidityInMonths <Int32>

Specifies the number of months the certificate is valid.



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-Confirm [<SwitchParameter>]

Prompts you for confirmation before running the cmdlet.



Required? false

Position? named

Default value False

Accept pipeline input? False

Accept wildcard characters? false



-WhatIf [<SwitchParameter>]

Shows what would happen if the cmdlet runs. The cmdlet is not run.



Required? false

Position? named

Default value False

Accept pipeline input? False

Accept wildcard characters? false



<CommonParameters>

This cmdlet supports the common parameters: Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and OutVariable. For more information, see about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).



INPUTS

None

This cmdlet does not accept any input.





OUTPUTS

Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultCertificatePolicy







NOTES









Example 1: Create a certificate policy



PS C:\> New-AzureKeyVaultCertificatePolicy -SecretContentType "application/x-pkcs12" -SubjectName "CN=contoso.com" -IssuerName "Self" -ValidityInMonths 6 -ReuseKeyOnRenewal



This command creates a certificate policy that is valid for six months and reuses the key to renew the certificate.
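For comparison with Example 1, the following added example (not part of the original help text) builds a more restrictive policy from the parameters documented above: an HSM-backed, non-exportable key, a single server-authentication EKU, automatic renewal, and no key reuse on renewal. The vault name `ExampleVault`, the certificate name `contoso-tls`, the DNS names, and the 30-day renewal window are constructed placeholders, and the example assumes a vault tier that supports `RSA-HSM` keys.

```powershell
# Added example; all names and values are constructed placeholders.
# Splatting keeps each security-relevant setting on its own line for review.
$policyParams = @{
    IssuerName                      = 'Self'                  # same issuer as Example 1
    SubjectName                     = 'CN=contoso.com'
    DnsName                         = @('contoso.com', 'www.contoso.com')
    SecretContentType               = 'application/x-pkcs12'
    KeyType                         = 'RSA-HSM'               # key is generated and held in an HSM
    KeyNotExportable                = $true                   # private key cannot be exported
    Ekus                            = @('1.3.6.1.5.5.7.3.1')  # id-kp-serverAuth only
    ValidityInMonths                = 6
    RenewAtNumberOfDaysBeforeExpiry = 30                      # assumed renewal window
    # -ReuseKeyOnRenewal is deliberately omitted (default False),
    # so each renewal is issued against a new key pair.
}

$policy = New-AzureKeyVaultCertificatePolicy @policyParams

# The policy object exists only in memory at this point; inspect it before use.
$policy | Format-List

# Preview the certificate request without creating anything in the vault.
Add-AzureKeyVaultCertificate -VaultName 'ExampleVault' -Name 'contoso-tls' `
    -CertificatePolicy $policy -WhatIf
```

Remove `-WhatIf` from the last command to submit the request once the listed policy values have been reviewed.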







RELATED LINKS

Online Version: https://docs.microsoft.com/en-us/powers ... catepolicy

Get-AzureKeyVaultCertificatePolicy

Set-AzureKeyVaultCertificatePolicy