SPCertificateSettings - dsccommunity/SharePointDsc GitHub Wiki
Parameters
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| IsSingleInstance | Key | String | Specifies the resource is a single instance, the value must be 'Yes' | Yes |
| CertificateExpirationAttentionThreshold | Write | UInt32 | Specifies the certificate expiration attention threshold | |
| CertificateExpirationErrorThreshold | Write | UInt32 | Specifies the certificate expiration error threshold | |
| CertificateExpirationWarningThreshold | Write | UInt32 | Specifies the certificate expiration warning threshold | |
| CertificateNotificationContacts | Write | StringArray[] | Specifies the certificate notification contacts | |
| Country | Write | String | Specifies the default country | |
| EllipticCurve | Write | String | Specifies the default elliptic curve (Default=nistP256) | nistP256, nistP384, nistP521 |
| HashAlgorithm | Write | String | Specifies the default hash algorithm (Default=SHA256 | SHA256, SHA384, SHA512 |
| KeyAlgorithm | Write | String | Specifies the default key algorithm | ECC, RSA |
| KeySize | Write | UInt16 | Specifies the default key size (Default=2048) | 0, 2048, 4096, 8192, 16384 |
| Locality | Write | String | Specifies the default locality | |
| Organization | Write | String | Specifies the default organization | |
| OrganizationalUnit | Write | String | Specifies the default organizational unit | |
| RsaSignaturePadding | Write | String | Specifies the default RSA signature padding (Default=Pkcs1) | Pkcs1, Pss |
| State | Write | String | Specifies the default state |
Description
Type: Distributed Requires CredSSP: No
This resource is used to set the global certificate settings for the local farm. These settings will be used by the Certificate Management solution when creating new certificates.
Examples
Example 1
This example shows how to apply default certificate settings to the farm
Configuration Example
{
param
(
[Parameter(Mandatory = $true)]
[PSCredential]
$SetupAccount
)
Import-DscResource -ModuleName SharePointDsc
node localhost
{
SPCertificateSettings CertificateSettings
{
IsSingleInstance = 'Yes'
OrganizationalUnit = 'IT'
Organization = 'Contoso'
Locality = 'Seattle'
State = 'Washington'
Country = 'US'
KeyAlgorithm = 'RSA'
KeySize = 2048
EllipticCurve = 'nistP256'
HashAlgorithm = 'SHA256'
RsaSignaturePadding = 'Pkcs1'
CertificateExpirationAttentionThreshold = 60
CertificateExpirationWarningThreshold = 15
CertificateExpirationErrorThreshold = 15
PsDscRunAsCredential = $SetupAccount
}
}
}
Example 2
This example shows how to apply certificate notification contacts to the farm
Configuration Example
{
param
(
[Parameter(Mandatory = $true)]
[PSCredential]
$SetupAccount
)
Import-DscResource -ModuleName SharePointDsc
node localhost
{
SPCertificateSettings CertificateSettings
{
IsSingleInstance = 'Yes'
CertificateNotificationContacts = @('[email protected]', '[email protected]')
PsDscRunAsCredential = $SetupAccount
}
}
}