PowerShell Logo Small

Add-CACrlDistributionPoint



This is the built-in help made by Microsoft for the command 'Add-CACrlDistributionPoint', in PowerShell version 5 - as retrieved from Windows version 'Microsoft Windows Server 2012 R2 Standard' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.

SYNOPSIS

Adds a certificate revocation list (CRL) distribution point uniform resource indicator (URI) where AD CS publishes certification revocations.

SYNTAX


Add-CACrlDistributionPoint [-Uri] <String> [-AddToCertificateCdp] [-AddToCrlCdp] [-AddToCrlIdp] [-AddToFreshestCrl] [-Force] [-PublishDeltaToServer] [-PublishToServer]
[<CommonParameters>]



Search powershellhelp.space

DESCRIPTION


The Add-CACRLDistributionPoint cmdlet adds a certificate revocation list (CRL) distribution point URI where the CA publishes certification revocations.


You can add certificate revocation list (CRL) distribution points in issued certificates by using this powershell cmdlet. However, adding the URL for a CRL distribution
point only affects newly issued certificates. Previously issued certificates will continue to reference the original location.


To indicate that you want to use a URL as a CRL distribution point, use the switch PublishCRL.


To indicate that you want to use a URL as a delta CRL distribution point, use the switch PublishDeltaCRL.


To indicate that you want to publish this location in CRLs to point clients to a delta CRL, use the switch IncludeDeltaCRLs.


CRL uniform resource locators can be HTTP or LDAP paths. You can use the following variables depending upon the switch when specifying the address of the CRL.


<CAName>, which is replaced by the name of the targeted CA.


<CAObjectClass>, which is replaced by object class identifier for a CA, used when publishing to an LDAP URL.


<CATruncatedName>, which is replaced by sanitized name of the CA, truncated to 32 characters with a hash at the end.


<CDPObjectClass>, which is replaced by the object class identifier for CRL distribution points, used when publishing to an LDAP URL.


<CertificateName>, which is replaced by the renewal extension of the CA.


<ConfigurationContainer>, which is replaced by the location of the Configuration container in Active Directory Domain Services (AD DS) location.


<CRLNameSuffix>, which is replaced by inserts a name suffix at the end of the file name when publishing a CRL to a file or URL.


<DeltaCRLAllowed>, which is replaced by the CRLNameSuffix variable with a separate suffix to distinguish the delta CRL from the CRL; used when a delta CRL is published.


<ServerDNSName>, which is replaced by the DNS name of the CA server.


<ServerShortName>, which is replaced by the NetBIOS name of the CA server.



<

RELATED LINKS

Online Version: http://go.microsoft.com/fwlink/?LinkID=290937
Get-CACrlDistributionPoint
Remove-CACrlDistributionPoint

REMARKS

<

Examples


-------------------------- EXAMPLE 1 --------------------------

C:\PS>Add-CACRLDistributionPoint -Uri http://ca1.corp.contoso.com/pki/<CAName>.crl -AddToCertificateCdp



Description

-----------

Adds a certificate revocation list (CRL) distribution point for the URI of http://ca1.corp.contoso.com/pki/<CAName>.crl and sets the CRL URI to be included in issued
certificates.