New-AzureRmVpnClientRootCertificate
Creates a new VPN client root certificate.
Warning
The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.
Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.
Syntax
New-AzureRmVpnClientRootCertificate
-Name <String>
-PublicCertData <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Description
The New-AzureRmVpnClientRootCertificate cmdlet creates a new VPN root certificate for use on a virtual network gateway.
Root certificates are X.509 certificates that identify your Root Certification Authority: all other certificates used on the gateway trust the root certificate.
This cmdlet creates a stand-alone certificate that is not assigned to a virtual gateway.
Instead, the certificate created by New-AzureRmVpnClientRootCertificate is used in conjunction with the New-AzureRmVirtualNetworkGateway cmdlet when creating a new gateway.
For example, suppose you create a new certificate and store it in a variable named $Certificate.
You can then use that certificate object when creating a new virtual gateway.
For instance,
New-AzureRmVirtualNetworkGateway -Name "ContosoVirtualGateway" -ResourceGroupName "ContosoResourceGroup" -Location "West US" -GatewayType "VPN" -IpConfigurations $Ipconfig -VPNType "RouteBased" -VpnClientRootCertificates $Certificate
For more information, see the documentation for the New-AzureRmVirtualNetworkGateway cmdlet.
Examples
Example 1: Create aclient root certificate
PS C:\> $Text = Get-Content -Path "C:\Azure\Certificates\ExportedCertficate.cer"
PS C:\> $CertificateText = for ($i=1; $i -lt $Text.Length -1 ; $i++){$Text[$i]}
PS C:\> $Certificate = New-AzureRmVpnClientRootCertificate -PublicCertData $CertificateText -Name "ContosoClientRootCertificate"This example creates a client root certificate and store the certificate object in a variable named $Certificate. This variable can then be used by the New-AzureRmVirtualNetworkGateway cmdlet to add a root certificate to a new virtual network gateway. The first command uses the Get-Content cmdlet to get a previously exported text representation of the root certificate; that text data is stored in a variable named $Text. The second command then uses a for loop to extract all the text except for the first line and the last line, storing the extracted text in a variable named $CertificateText. The third command uses the New-AzureRmVpnClientRootCertificate cmdlet to create the certificate, storing the created object in a variable named $Certificate.
Parameters
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure.
| Type: | IAzureContextContainer |
| Aliases: | AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Name
Specifies a name for the new client root certificate.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-PublicCertData
Specifies a text representation of the root certificate to be added. To obtain the text representation, export your certificate in .cer format (using Base64 encoding), then open the resulting file in a text editor. You should see output similar to this (note that the actual output will contain many more lines of text than the abbreviated sample shown here): ----- BEGIN CERTIFICATE ----- MIIC13FAAXC3671Auij9HHgUNEW8343NMJklo09982CVVFAw8w ----- END CERTIFICATE ----- The PublicCertData is made up of all the lines between the first line (----- BEGIN CERTIFICATE -----) and the last line (----- END CERTIFICATE -----) in the file. You can retrieve the PublicCertData by using Windows PowerShell commands similar to this: $Text = Get-Content -Path "C:\Azure\Certificates\ExportedCertficate.cer" $CertificateText = for ($i=1; $i -lt $Text.Length -1 ; $i++){$Text[$i]}
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |