PowerShell Logo Small

Install-AdcsCertificationAuthority



This is the built-in help made by Microsoft for the command 'Install-AdcsCertificationAuthority', in PowerShell version 5 - as retrieved from Windows version 'Microsoft Windows Server 2012 R2 Standard' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.

SYNOPSIS

Performs installation and configuration of the Active Directory Certificate Services (AD CS) Certification Authority (CA) role service.

SYNTAX


Install-AdcsCertificationAuthority [-AllowAdministratorInteraction] [-CACommonName <String>] [-CADistinguishedNameSuffix <String>] [-CAType <CAType>] [-Credential
<PSCredential>] [-CryptoProviderName <String>] [-DatabaseDirectory <String>] [-Force] [-HashAlgorithmName <String>] [-IgnoreUnicode] [-KeyLength <Int32>] [-LogDirectory
<String>] [-OutputCertRequestFile <String>] [-OverwriteExistingCAinDS] [-OverwriteExistingDatabase] [-OverwriteExistingKey] [-ParentCA <String>] [-ValidityPeriod
<ValidityPeriod>] [-ValidityPeriodUnits <Int32>] [-Confirm] [-WhatIf] [<CommonParameters>]
Install-AdcsCertificationAuthority [-AllowAdministratorInteraction] [-CADistinguishedNameSuffix <String>] [-CAType <CAType>] [-Credential <PSCredential>]
[-CryptoProviderName <String>] [-DatabaseDirectory <String>] [-Force] [-HashAlgorithmName <String>] [-IgnoreUnicode] [-KeyContainerName <String>] [-LogDirectory <String>]
[-OutputCertRequestFile <String>] [-OverwriteExistingCAinDS] [-OverwriteExistingDatabase] [-ParentCA <String>] [-ValidityPeriod <ValidityPeriod>] [-ValidityPeriodUnits
<Int32>] [-Confirm] [-WhatIf] [<CommonParameters>]
Install-AdcsCertificationAuthority [-AllowAdministratorInteraction] [-CAType <CAType>] [-CertFile <String>] [-CertFilePassword <SecureString>] [-CertificateID <String>]
[-Credential <PSCredential>] [-DatabaseDirectory <String>] [-Force] [-LogDirectory <String>] [-OverwriteExistingDatabase] [-OverwriteExistingKey] [-Confirm] [-WhatIf]
[<CommonParameters>]



Search powershellhelp.space

DESCRIPTION


The Install-AdcsCertificationAuthority cmdlet performs installation and configuration of the ADCS CA role service. To remove the certification authority role service use the
Uninstall-AdcsCertificationAuthority cmdlet.


You can import the cmdlet by running the following commands from Windows PowerShell:
Import-Module ServerManager
Add-WindowsFeature Adcs-Cert-Authority


To include the Certification Authority and Certificate Templates consoles in a CA installation, you must add -IncludeManagementTools to the end of the AddWindowsFeature
Adcs-Cert-Authority command.


Int is equivalent to Int32 in the .NET Framework (http://msdn.microsoft.com/en-us/library/ya5y69ds.aspx).



<

RELATED LINKS

Online Version: http://go.microsoft.com/fwlink/?linkid=299499
Uninstall-AdcsCertificationAuthority

REMARKS

<

Examples


-------------------------- EXAMPLE 1 --------------------------

C:\PS>Install-AdcsCertificationAuthority -CAType StandaloneRootCa



Description

-----------

This command installs a new Standalone Root CA with default settings.




-------------------------- EXAMPLE 2 --------------------------

C:\PS>Install-AdcsCertificationAuthority -CAType EnterpriseRootCa -CryptoProviderName "ECDSA_P256#Microsoft Software Key Storage Provider" -KeyLength 256 -HashAlgorithmName
SHA256



Description

-----------

This command installs a new Enterprise Root CA using a specific provider (ECDSA_P256 Microsoft Software Key Storage Provider), key length (256), hash algorithm (SHA 256)




-------------------------- EXAMPLE 3 --------------------------

C:\PS>Install-AdcsCertificationAuthority -CAType EnterpriseRootCa -CryptoProviderName "RSA#Microsoft Software Key Storage Provider" -KeyLength 2048 -HashAlgorithmName SHA1
-ValidityPeriod Years -ValidityPeriodUnits 3



Description

-----------

This command installs a new Enterprise Root CA with the Microsoft Software Key Storage Provider using the RSA algorithm, key length (2048), hash algorithm (SHA 256), and
validity period (3 years).




-------------------------- EXAMPLE 4 --------------------------

C:\PS>Install-AdcsCertificationAuthority -CAType EnterpriseSubordinateCa -ParentCA SERVER75.corp.contoso.com\SERVER75-CA



Description

-----------

This command installs a new Enterprise subordinate CA, the parent CA is SERVER75 in the CORP domain of Contoso.com




-------------------------- EXAMPLE 5 --------------------------

C:\PS>Install-AdcsCertificationAuthority -CAType EnterpriseSubordinateCa -CertFile C:\Cert\SERVER80-CA.p12 -CertFilePassword (read-host "Set user password" -assecurestring)



Description

-----------

This command installs an Enterprise Subordinate certification authority using an existing certificate from a PFX/P12 file that is located on the local C:\Cert folder named
SERVER80-CA.p12.