[This command requires installed Remote Server Administration Tools (RSAT)]
Name
Set-CRLDistributionPoint
SYNOPSIS
Set new CRL distribution points (CDP) for Certification Authority.
SYNTAX
Set-CRLDistributionPoint [-InputObject] <CRLDistributionPoint[]> [-RestartCA] [<CommonParameters>]
DESCRIPTION
Set new CRL distribution points (CDP) for Certification Authority. This command will write new CDP URIs to Certification Authority (CA) configuration.
PARAMETERS
-InputObject<CRLDistributionPoint[]>
Specifies an existing CDP object to rewrite. This object can be retrieved by running eitherAdd-CRLDistributionPoint orRemove-CRLDistributionPoint command.
| Required? | True |
| Position? | 0 |
| Default value | |
| Accept pipeline input? | true (ByValue, ByPropertyName) |
| Accept wildcard characters? | False |
-RestartCA<SwitchParameter>
Restarts CA service on the specified CA server to immediately apply changes.
| Required? | False |
| Position? | named |
| Default value | |
| Accept pipeline input? | false |
| Accept wildcard characters? | False |
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
bout_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
PKI.CertificateServices.CRLDistributionPoint
OUTPUTS
PKI.CertificateServices.CRLDistributionPoint
NOTES
Author: Vadims Podans
Blog: http://en-us.sysadmins.lv
EXAMPLES
-------------- Example 1 --------------
PS C:\> Get-CertificationAuthority RootCA | Get-CrlDistributionPoint | Add-CrlDistributionPoint -NewURI "6:http://crl.domain.com/%3%8%9.crl" | Set-CrlDistributionPoint -RestartCA
This example will add new CDP URI to certificate CDP for 'RootCA' CA server. Also this will add new URI in Freshest CRL in CRL CDP to locate corresponding Delta CRL. After command completion CA services will be restarted to immediately apply changes.
-------------- Example 2 --------------
PS C:\> Get-CertificationAuthority | Get-CrlDistributionPoint | Add-CrlDistributionPoint -NewURI "65:\\ServerName\crlfile%9.crl", "65:C:\CertData\%3%8%9.crl" | Set-CrlDistributionPoint -RestartCA
This example will add new paths for Base and Delta CRL file publication for all CAs in the current forest. This will not add any new URIs in certificate CDP extension, but instructs CA to publish physical CRL files to specified locations. After command completion CA services will be restarted to immediately apply changes.
-------------- Example 3 --------------
PS C:\> Get-CertificationAuthority -Name MyCA | Get-CrlDistributionPoint | Remove-CrlDistributionPoint -URI "*c:\windows*" | Set-CrlDistributionPoint -RestartCA
This example will remove all CDP URIs that contains "c:\windows" pattern. After command completion certificate services will be restarted to immediately apply changes.
-------------- Example 4 --------------
PS C:\> Get-CertificationAuthority -Name MyCA | Get-CrlDistributionPoint | Remove-CrlDistributionPoint -URI "*ldap://*" | Set-CrlDistributionPoint -RestartCA
This example will remove all URIs that are used for CRL file publication and/or retrieval from Active Directory. After command completion certificate services will be restarted to immediately apply changes.
RELATED LINKS
Get-CertificationAuthority
Connect-CertificationAuthority
Get-CRLDistributionPoint
Add-CRLDistributionPoint
Remove-CRLDistributionPoint
PowerShell Requirements
- PowerShell 2.0
Operating System Requirements
- Windows Server 2003 all editions
- Windows Server 2008 all editions
- Windows Server 2008 R2 all editions
- Windows Server 2012 all editions
- Windows Server 2012 R2 all editions