Windows PowerShell command on Get-command Test-Certificate
MyWebUniversity

Windows PowerShell command on Get-command Test-Certificate

NAME

    Test-Certificate

    

SYNOPSIS

    Verifies a certificate according to the input parameters.
    
    

SYNTAX

    Test-Certificate [-Cert]  [-AllowUntrustedRoot] [-DNSName ] [-EKU ] [-Policy {BASE 

    | SSL | AUTHENTICODE | NTAUTH}] [-User] []

    
    

DESCRIPTION

    The Test-Certificate cmdlet verifies a certificate according to input parameters. The revocation status of the 

    certificate is verified by default. If the AllowUntrustedRoot parameter is specified, then a certificate chain is 
    built but an untrusted root is allowed. Other errors are still verified against in this case, such as expired. If 

    the DNSName parameter is used, then the DNS subject alternative name is used to verify SSL policy. If the EKU 

    parameter is used, then the specified application policy object identifiers are used to verify the chain. If the 
    User parameter is used, then the specified user context is used is to build and verify the chain.
    
    Delegation may be required when using this cmdlet with Windows PowerShellr remoting and changing user 
    configuration.
    


PARAMETERS

    -AllowUntrustedRoot []

        Specifies whether the root certificate is required to be trusted in chain building. When this parameter is 
        used, the certificate chain is built but an untrusted root is allowed. Other errors are still verified against 
        in this case, such as expired. If this parameter is not specified, then revocation status is checked by 
        default.
        
        Required?                    false
        Position?                    named
        Default value                none
        Accept pipeline input?       false
        Accept wildcard characters?  false
        

    -Cert 

        Specifies the certificate to test. Either the certificate object or a path to the certificate in a certificate 
        store can be specified.
        
        Required?                    true
        Position?                    1
        Default value                none

        Accept pipeline input?       true (ByPropertyName)

        Accept wildcard characters?  false
        

    -DNSName []

        Specifies the DNS name to verify as valid for the certificate. 
         
        If this parameter is specified but not the Policy parameter, then the CERT_CHAIN_POLICY_SSL policy is applied 
        and the DNS name is validated for the certificate. If a CERT_CHAIN_POLICY_SSL policy does not exist, then the 
        cmdlet will fail. 
        
        If this parameter is not used and the Policy parameter is not specified, the default CERT_CHAIN_POLICY_BASE 
        policy is applied.
        
        Required?                    false
        Position?                    named
        Default value                none
        Accept pipeline input?       false
        Accept wildcard characters?  false
        

    -EKU []

        Specifies a list of enhanced key usage (EKU) object identifiers to verify for the certificate chain.
        
        Required?                    false
        Position?                    named
        Default value                none
        Accept pipeline input?       false
        Accept wildcard characters?  false
        

    -Policy []

        Specifies the policies that will be applied to verify the certificate. The acceptable values for this 
        parameter are:AUTHENTICODE, BASE, NTAUTH, and SSL. If this parameter is not specified, then the BASE policy is 
        used.
        
        Required?                    false
        Position?                    named
        Default value                none
        Accept pipeline input?       false
        Accept wildcard characters?  false
        

    -User []

        Specifies whether the user or machine context is used to test the certificate. If this parameter is not 
        specified, then the machine context is used.
        
        Required?                    false
        Position?                    named
        Default value                none
        Accept pipeline input?       false
        Accept wildcard characters?  false
        
    
        This cmdlet supports the common parameters: Verbose, Debug,
        ErrorAction, ErrorVariable, WarningAction, WarningVariable,
        OutBuffer, PipelineVariable, and OutVariable. For more information, see 
        about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216). 
    

INPUTS

        Microsoft.CertificateServices.Commands.Certificate
    
        The Certificate object can either be provided as a Path object to a certificate or an X509Certificate2 object.
    
    

OUTPUTS

        System.Boolean
    
        If the verification succeeds, then the return value is True; otherwise the return value is False.
    
    

    EXAMPLE 1

    

    PS C:\>Get-ChildItem -Path Cert:\localMachine\My | Test-Certificate -Policy SSL -DNSName "dns=contoso.com"

    
    This example verifies each certificate in the MY store of the local machine and verifies that it is valid for SSL 
    with the DNS name specified.
    
    

    EXAMPLE 2

    

    PS C:\>Test-Certificate -Cert cert:\currentuser\my\191c46f680f08a9e6ef3f6783140f60a979c7d3b -AllowUntrustedRoot 

    -EKU "1.3.6.1.5.5.7.3.1" -User

    
    This example verifies that the provided EKU is valid for the specified certificate and its chain. Revocation 
    checking is not performed.
    
    
    

RELATED LINKS

    Online Version: http://go.microsoft.com/fwlink/p/?linkid=287541

    Get-ChildItem


Contact us      |      About us      |      Term of use      |       Copyright © 2000-2019 OurUNIX.com ™