Set-RDCertificate
Imports or applies a certificate to use with an RDS role.
Syntax
Set-RDCertificate
[-Role] <RDCertificateRole>
[-Password <SecureString>]
[-ConnectionBroker <String>]
[-Force]
[<CommonParameters>]Set-RDCertificate
[-Role] <RDCertificateRole>
[-ImportPath <String>]
[-Password <SecureString>]
[-ConnectionBroker <String>]
[-Force]
[<CommonParameters>]Set-RDCertificate
[-Role] <RDCertificateRole>
[-Thumbprint <String>]
[-ConnectionBroker <String>]
[-Force]
[<CommonParameters>]Description
The Set-RDCertificate cmdlet imports a certificate or applies an installed certificate to use with a Remote Desktop Services (RDS) role. You can use this cmdlet to secure an existing certificate by using a secure string supplied by the user.
Examples
Example 1: import a certificate to use with RDS
The following example imports a certificate to use with an RDS role.
PS C:\>$Password = ConvertTo-SecureString -String "Cups34Horses&&" -AsPlainText -Force
PS C:\>Set-RDCertificate -Role RDRedirector -ImportPath "C:\Certificates\Redirector07.pfx" -Password $Password -ConnectionBroker "RDCB.Contoso.com"The first part of the example uses the ConvertTo-SecureString cmdlet to create a secure string based on a string that the user supplies and stores it in the $Password variable. For more information, see ConvertTo-SecureString. You can also enter the Get-Help ConvertTo-SecureString cmdlet into your PowerShell window.
The second part of the example specifies the file name of the certificate to use for the redirector role for the RD Connection Broker named RDCB.Contoso.com. The cmdlet uses the secure string stored in the $Password variable to help secure the certificate.
Example 2: apply a secure string to a certificate
The following example cmdlet applies a new secure string to an RDS role certificate.
PS C:\>$Password = ConvertTo-SecureString -String "Wings%%83Potato" -AsPlainText -Force
PS C:\>Set-RDCertificate -Role RDRedirector -Password $Password -ConnectionBroker "RDCB.Contoso.com"The first part of the example uses the ConvertTo-SecureString cmdlet to create a secure string based on a string that the user supplies and stores it in the $Password variable.
The second part of the example uses the secure string stored in the $Password variable to secure the certificate used for the redirector role for the RD Connection Broker named RDCB.Contoso.com.
Example 3: apply an installed certificate to use with RDS
The following example applies an existing certificate to use with an RDS role.
PS C:\>Set-RDCertificate -Role RDRedirector -Thumbprint fedd995b45e633d4ef30fcbc8f3a48b627e9a28b -ConnectionBroker "RDCB.Contoso.com"The first part of the example specifies the thumbprint of the certificate to use for the RD Connection Broker's redirector role, which in this example is named "RDCB.Contoso.com." The certificate must be installed in the "localmachine\my" store on each server running the specified RDS role. The -Thumbprint parameter is only available in Windows Server 2019.
Parameters
-ConnectionBroker
This parameter specifies the Remote Desktop Connection Broker (RD Connection Broker) server for a Remote Desktop deployment.
If you don't specify a value, the cmdlet uses the local computer's fully qualified domain name (FQDN).
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Force
This parameter performs the action without a confirmation message.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ImportPath
This parameter specifies the location of a certificate as a file that has a .pfx extension.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Password
This parameter specifies a secure string used to help secure the certificate.
See the Examples section.
| Type: | SecureString |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Role
This parameter specifies a certificate type associated with an RDS server role.
The acceptable values for this parameter are:
- RDGateway
- RDWebAccess
- RDRedirector
- RDPublishing
| Type: | RDCertificateRole |
| Accepted values: | RDGateway, RDWebAccess, RDRedirector, RDPublishing |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Thumbprint
This parameter specifies the thumbprint of the certificate to use. Currently, it is only available in Windows Server 2019.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
None