Get-HgsKeyProtectionAttestationSignerCertificate
Gets the attestation signer certificates that the Key Protection Service trusts.
Syntax
Get-HgsKeyProtectionAttestationSignerCertificate
[-Thumbprint <String>]
[<CommonParameters>] Description
The Get-HgsKeyProtectionAttestationSignerCertificate cmdlet gets the attestation signer certificates that the Key Protection Service trusts
Examples
Example 1: Get all attestation certificates
PS C:\> Get-HgsKeyProtectionAttestationSignerCertificateThis command gets all the attestation certificates signers that the Key Protection Service trusts.
Example 2: Get a single attestation certificate
PS C:\> Get-HgsKeyProtectionAttestationSignerCertificate -Thumbprint "d39203a3b3544743ad552afe0615dc1f"This command gets a single attestation certificate signer that the Key Protection Service trusts. The command looks up the certificate signer by using a thumbprint.
Parameters
-Thumbprint
Specifies the thumbprint of the attestation signer certificate to get. If you do not specify a value for this parameter, this cmdlet gets all the attestation signer certificates for trusted attestation servers.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
None
You cannot pipe input to this cmdlet.
Outputs
Microsoft.Windows.KpsServer.Common.Store.Data.AttestationCertificate
This cmdlet returns an AttestationCertificate object that represents an attestation signer certificate. The object contains the following fields:
- Certificate. The X509Certificate2 object.
- AttestationCertificatePolicy. The policy that describes further limitations on which health certificates signed by this signer certificate are trusted by the Key Protection Service.