Get-CMTrustedRootCertificate
Gets a trusted root certificate for Configuration Manager.
Syntax
Default (Default)
Get-CMTrustedRootCertificate
[-CAServerName <String>]
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[<CommonParameters>]
Description
The Get-CMTrustedRootCertificate cmdlet gets a trusted root certificate for Configuration Manager. For native mode communication, Configuration Manager authenticates, encrypts, and signs communications based on public key infrastructure (PKI) keys that depend on trusted root certificate. Devices that communicate by using certificates must have a root certificate in common. Devices in your Configuration Manager hierarchy might have different root certificates. If so, install all necessary trusted root certificates.
Computers that run the Windows operating system, as well as many other devices, rely on some well-known third-party root certificates. If you deploy your own PKI, install the required root certificate.
Note
Run Configuration Manager cmdlets from the Configuration Manager site drive, for example PS XYZ:\>. For more information, see getting started.
Examples
Example 1: Get a trusted root certificate
PS XYZ:\> Get-CMTrustedRootCertificate -CertificationAuthorityServerName "ContosoCA.Contoso.com"
This command gets a trusted root certificate from the internal server named ContosoCA.Contoso.com.
Parameters
-CAServerName
The Get-CMTrustedRootCertificate cmdlet gets a trusted root certificate for Configuration Manager. For native mode communication, Configuration Manager authenticates, encrypts, and signs communications based on public key infrastructure (PKI) keys that depend on trusted root certificate. Devices that communicate by using certificates must have a root certificate in common. Devices in your Configuration Manager hierarchy might have different root certificates. If so, install all necessary trusted root certificates.
Computers that run the Windows operating system, as well as many other devices, rely on some well-known third-party root certificates. If you deploy your own PKI, install the required root certificate.
Note
Run Configuration Manager cmdlets from the Configuration Manager site drive, for example PS XYZ:\>. For more information, see getting started.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | CertificationAuthorityServerName |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-DisableWildcardHandling
This parameter treats wildcard characters as literal character values. You can't combine it with ForceWildcardHandling.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ForceWildcardHandling
This parameter processes wildcard characters and may lead to unexpected behavior (not recommended). You can't combine it with DisableWildcardHandling.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.