< Back
Set-DbaNetworkCertificate
Post
NAME Set-DbaNetworkCertificate
SYNOPSIS
Sets the network certificate for SQL Server instance
SYNTAX
Set-DbaNetworkCertificate [-SqlInstance <Sqlcollaborative.Dbatools.Parameter.DbaInstanceParameter[]>] [-Credential
<Pscredential>] [-EnableException <Switch>] [<CommonParameters>]
Set-DbaNetworkCertificate [-SqlInstance <Sqlcollaborative.Dbatools.Parameter.DbaInstanceParameter[]>] [-Credential
<Pscredential>] -Certificate <System.Security.Cryptography.X509Certificates.X509Certificate2> [-EnableException
<Switch>] [<CommonParameters>]
Set-DbaNetworkCertificate [-SqlInstance <Sqlcollaborative.Dbatools.Parameter.DbaInstanceParameter[]>] [-Credential
<Pscredential>] -Thumbprint <String> [-EnableException <Switch>] [<CommonParameters>]
DESCRIPTION
Sets the network certificate for SQL Server instance. This setting is found in Configuration Manager.
This command also grants read permissions for the service account on the certificate's private key.
References:
http://sqlmag.com/sql-server/7-steps-ssl-encryption
https://azurebi.jppp.org/2016/01/23/usi ... nnections/
https://blogs.msdn.microsoft.com/sqlser ... tificates/
PARAMETERS
-Certificate [<System.Security.Cryptography.X509Certificates.X509Certificate2>]
The target certificate object
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Credential [<Pscredential>]
Allows you to login to the computer (not sql instance) using alternative credentials.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-EnableException [<Switch>]
By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message.
This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables
advanced scripting.
Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own
try/catch.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-SqlInstance [<Sqlcollaborative.Dbatools.Parameter.DbaInstanceParameter[]>]
The target SQL Server instance or instances. Defaults to localhost.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Thumbprint [<String>]
The thumbprint of the target certificate
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
NOTES
Tags: Certificate
Author: Chrissy LeMaire (@cl), netnerds.net
Website: https://dbatools.io
Copyright: (c) 2018 by dbatools, licensed under MIT
License: MIT https://opensource.org/licenses/MIT
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>New-DbaComputerCertificate | Set-DbaNetworkCertificate -SqlInstance localhost\\SQL2008R2SP2
Creates and imports a new certificate signed by an Active Directory CA on localhost then sets the network
certificate for the SQL2008R2SP2 to that newly created certificate.
-------------------------- EXAMPLE 2 --------------------------
PS C:\\>Set-DbaNetworkCertificate -SqlInstance sql1\\SQL2008R2SP2 -Thumbprint
1223FB1ACBCA44D3EE9640F81B6BA14A92F3D6E2
Sets the network certificate for the SQL2008R2SP2 instance to the certificate with the thumbprint of
1223FB1ACBCA44D3EE9640F81B6BA14A92F3D6E2 in LocalMachine\\My on sql1
RELATED LINKS
https://dbatools.io/Set-DbaNetworkCertificate
SYNOPSIS
Sets the network certificate for SQL Server instance
SYNTAX
Set-DbaNetworkCertificate [-SqlInstance <Sqlcollaborative.Dbatools.Parameter.DbaInstanceParameter[]>] [-Credential
<Pscredential>] [-EnableException <Switch>] [<CommonParameters>]
Set-DbaNetworkCertificate [-SqlInstance <Sqlcollaborative.Dbatools.Parameter.DbaInstanceParameter[]>] [-Credential
<Pscredential>] -Certificate <System.Security.Cryptography.X509Certificates.X509Certificate2> [-EnableException
<Switch>] [<CommonParameters>]
Set-DbaNetworkCertificate [-SqlInstance <Sqlcollaborative.Dbatools.Parameter.DbaInstanceParameter[]>] [-Credential
<Pscredential>] -Thumbprint <String> [-EnableException <Switch>] [<CommonParameters>]
DESCRIPTION
Sets the network certificate for SQL Server instance. This setting is found in Configuration Manager.
This command also grants read permissions for the service account on the certificate's private key.
References:
http://sqlmag.com/sql-server/7-steps-ssl-encryption
https://azurebi.jppp.org/2016/01/23/usi ... nnections/
https://blogs.msdn.microsoft.com/sqlser ... tificates/
PARAMETERS
-Certificate [<System.Security.Cryptography.X509Certificates.X509Certificate2>]
The target certificate object
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Credential [<Pscredential>]
Allows you to login to the computer (not sql instance) using alternative credentials.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-EnableException [<Switch>]
By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message.
This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables
advanced scripting.
Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own
try/catch.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-SqlInstance [<Sqlcollaborative.Dbatools.Parameter.DbaInstanceParameter[]>]
The target SQL Server instance or instances. Defaults to localhost.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Thumbprint [<String>]
The thumbprint of the target certificate
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
NOTES
Tags: Certificate
Author: Chrissy LeMaire (@cl), netnerds.net
Website: https://dbatools.io
Copyright: (c) 2018 by dbatools, licensed under MIT
License: MIT https://opensource.org/licenses/MIT
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>New-DbaComputerCertificate | Set-DbaNetworkCertificate -SqlInstance localhost\\SQL2008R2SP2
Creates and imports a new certificate signed by an Active Directory CA on localhost then sets the network
certificate for the SQL2008R2SP2 to that newly created certificate.
-------------------------- EXAMPLE 2 --------------------------
PS C:\\>Set-DbaNetworkCertificate -SqlInstance sql1\\SQL2008R2SP2 -Thumbprint
1223FB1ACBCA44D3EE9640F81B6BA14A92F3D6E2
Sets the network certificate for the SQL2008R2SP2 instance to the certificate with the thumbprint of
1223FB1ACBCA44D3EE9640F81B6BA14A92F3D6E2 in LocalMachine\\My on sql1
RELATED LINKS
https://dbatools.io/Set-DbaNetworkCertificate