Add-CATemplate

Adds a certificate template to the CA.

Syntax

Add-CATemplate
   [-Name] <String>
   [-Force]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The Add-CATemplate cmdlet adds a certificate template to the certificate authority (CA) for issuing.

A certificate template is a preconfigured list of certificate settings that allows users and computers to enroll for certificates without having to create complex certificate requests. Certificate templates allow for the customization of a certificate that can be issued by the CA. The template defines items such as the cryptographic types, validity and renewal periods, and certificate purposes.

The certificate templates are stored in Active Directory Domain Services (AD DS). Many default certificate templates are added to AD DS when the CA role service is installed. This cmdlet does not allow you to create new templates or duplicate existing templates.

Examples

Example 1: Add a CA template

PS C:\> Add-CATemplate -Name "EFS"

This command adds a CA template with the template name EFS.

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Force

Forces the command to run without asking for user confirmation.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Name

Specifies the name of a certificate template name. This name must always be the template name, short name without spaces, and not the template display name. For example, the certificate template with the template display name of Exchange Enrollment Agent (Offline request) must be specified by its template name, which is EnrollmentAgentOffline.

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

There is only one parameter for this cmdlet, Name, and it can only accept a single template each time specified by name as a string.

Outputs

Object

Notes

  • To perform this procedure, you must be a member of the Domain Admins group or the Enterprise Admins group in AD DS, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure.