SPCertificateSettings

SPCertificateSettings

Parameters

Parameter	Attribute	DataType	Description	Allowed Values
IsSingleInstance	Key	String	Specifies the resource is a single instance, the value must be 'Yes'	Yes
OrganizationalUnit	Write	String	Specifies the default organizational unit
Organization	Write	String	Specifies the default organization
Locality	Write	String	Specifies the default locality
State	Write	String	Specifies the default state
Country	Write	String	Specifies the default country
KeyAlgorithm	Write	String	Specifies the default key algorithm	ECC, RSA
KeySize	Write	UInt16	Specifies the default key size (Default=2048)	0, 2048, 4096, 8192, 16384
EllipticCurve	Write	String	Specifies the default elliptic curve (Default=nistP256)	nistP256, nistP384, nistP521
HashAlgorithm	Write	String	Specifies the default hash algorithm (Default=SHA256	SHA256, SHA384, SHA512
RsaSignaturePadding	Write	String	Specifies the default RSA signature padding (Default=Pkcs1)	Pkcs1, Pss
CertificateExpirationAttentionThreshold	Write	UInt32	Specifies the certificate expiration attention threshold
CertificateExpirationWarningThreshold	Write	UInt32	Specifies the certificate expiration warning threshold
CertificateExpirationErrorThreshold	Write	UInt32	Specifies the certificate expiration error threshold
CertificateNotificationContacts	Write	StringArray[]	Specifies the certificate notification contacts

Description

Type: Distributed Requires CredSSP: No

This resource is used to set the global certificate settings for the local farm. These settings will be used by the Certificate Management solution when creating new certificates.

Examples

Example 1

This example shows how to apply default certificate settings to the farm

Configuration Example
{
    param
    (
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $SetupAccount
    )

    Import-DscResource -ModuleName SharePointDsc

    node localhost
    {
        SPCertificateSettings CertificateSettings
        {
            IsSingleInstance                        = 'Yes'
            OrganizationalUnit                      = 'IT'
            Organization                            = 'Contoso'
            Locality                                = 'Seattle'
            State                                   = 'Washington'
            Country                                 = 'US'
            KeyAlgorithm                            = 'RSA'
            KeySize                                 = 2048
            EllipticCurve                           = 'nistP256'
            HashAlgorithm                           = 'SHA256'
            RsaSignaturePadding                     = 'Pkcs1'
            CertificateExpirationAttentionThreshold = 60
            CertificateExpirationWarningThreshold   = 15
            CertificateExpirationErrorThreshold     = 15
            PsDscRunAsCredential                    = $SetupAccount
        }
    }
}

Example 2

This example shows how to apply certificate notification contacts to the farm

Configuration Example
{
    param
    (
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $SetupAccount
    )

    Import-DscResource -ModuleName SharePointDsc

    node localhost
    {
        SPCertificateSettings CertificateSettings
        {
            IsSingleInstance                = 'Yes'
            CertificateNotificationContacts = @('admin@contoso.com', 'certificates@contoso.com')
            PsDscRunAsCredential            = $SetupAccount
        }
    }
}