Get-EntraTrustedCertificateAuthority

Gets the trusted certificate authority.

Syntax

Get-EntraTrustedCertificateAuthority
   [-TrustedIssuerSki <String>]
   [-TrustedIssuer <String>]
   [-Property <String[]>]
   [<CommonParameters>]

Description

The Get-EntraTrustedCertificateAuthority cmdlet gets the trusted certificate authority in Microsoft Entra ID.

Examples

Example 1: Retrieve the trusted certificate authorities that are defined in your directory

Connect-Entra -Scopes 'Organization.Read.All'
Get-EntraTrustedCertificateAuthority

AuthorityType             : RootAuthority
CrlDistributionPoint      : https://example.crl1
DeltaCrlDistributionPoint :
TrustedCertificate        : {48, 130, 3, 4...}
TrustedIssuer             : CN=example.azure.com, O=MSIT. Ltd, L=Redmond, C=US
TrustedIssuerSki          : E48DBC5D4AF447E9D9D4A5440D4096C70AF5352A

AuthorityType             : RootAuthority
CrlDistributionPoint      : https://example.crl
DeltaCrlDistributionPoint : https://deltaexample.crl
TrustedCertificate        : {48, 130, 3, 4...}
TrustedIssuer             : CN=example.azure.com, O=MSIT. Ltd, L=Redmond, C=US
TrustedIssuerSki          : 69506400C9806497DCB48F160C31CFFEA87E544C

AuthorityType             : RootAuthority
CrlDistributionPoint      : https://example.crl
DeltaCrlDistributionPoint :
TrustedCertificate        : {48, 130, 3, 0...}
TrustedIssuer             : CN=example1.azure.com, O=MSIT. Ltd, L=Redmond, C=US
TrustedIssuerSki          : 4BA2D7AC2A5DF47C70E19E61EDFB4E62B3BF67FD

This command retrieves the trusted certificate authorities that are defined in your directory.

Example 2: Retrieve the trusted certificate authorities that are defined in your directory based on TrustedIssuer

Connect-Entra -Scopes 'Organization.Read.All'
Get-EntraTrustedCertificateAuthority -TrustedIssuer 'CN=mscmdlet'

AuthorityType             : RootAuthority
CrlDistributionPoint      : https://example.crl1
DeltaCrlDistributionPoint :
TrustedCertificate        : {48, 130, 3, 4...}
TrustedIssuer             : CN=example.azure.com, O=MSIT. Ltd, L=Redmond, C=US
TrustedIssuerSki          : E48DBC5D4AF447E9D9D4A5440D4096C70AF5352A

AuthorityType             : RootAuthority
CrlDistributionPoint      : https://example.crl
DeltaCrlDistributionPoint : https://deltaexample.crl
TrustedCertificate        : {48, 130, 3, 4...}
TrustedIssuer             : CN=example.azure.com, O=MSIT. Ltd, L=Redmond, C=US
TrustedIssuerSki          : 69506400C9806497DCB48F160C31CFFEA87E544C

This command retrieves the trusted certificate authorities that are defined in your directory based on TrustedIssuer.

  • -TrustedIssuer parameter specifies the trusted issuer.

Example 3: Retrieve the trusted certificate authorities that are defined in your directory based on TrustedIssuerSki

Connect-Entra -Scopes 'Organization.Read.All'
Get-EntraTrustedCertificateAuthority -TrustedIssuerSki 4BA2D7AC2A5DF47C70E19E61EDFB4E62B3BF67FD

AuthorityType             : RootAuthority
CrlDistributionPoint      : https://example.crl
DeltaCrlDistributionPoint :
TrustedCertificate        : {48, 130, 3, 0...}
TrustedIssuer             : CN=example1.azure.com, O=MSIT. Ltd, L=Redmond, C=US
TrustedIssuerSki          : 4BA2D7AC2A5DF47C70E19E61EDFB4E62B3BF67FD

This command retrieves the trusted certificate authorities that are defined in your directory based on TrustedIssuerSki.

  • -TrustedIssuerSki parameter specifies the trusted issuer ski.

Parameters

-Property

Specifies properties to be returned.

Type:System.String[]
Aliases:Select
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-TrustedIssuer

Specifies a trusted issuer.

Type:System.String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-TrustedIssuerSki

Specifies a trusted issuer ski.

Type:System.String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False