This module is intended to simplify various PKI and Active Directory Certificate Services management tasks by using automation with Windows PowerShell.
This module is intended for Certification Authority management. For local certificate store management you should consider to use Quest AD PKI cmdlets.
All documentation is available at my website: PowerShell PKI Module
Download the most recent PowerShell PKI Module installer from CodePlex
- Windows PowerShell 3.0 or higher
- .NET Framework 4.0 or higher
This module can run on any of the specified operating system:
- Windows Server 2008*/2008 R2/2012/2012 R2
- Windows Vista**/7**/8**/8.1**/10**
* โ Server Core installation is not supported.
** โ with installed RSAT (Remote System Administration Tools)
This module supports Enterprise or Standalone Certification Authority servers that are running one the following operating system:
- Windows Server 2003/2003 R2
- Windows Server 2008 (including Server Core)
- Windows Server 2008 R2 (including Server Core)
- Windows Server 2012 (including Server Core)
- Windows Server 2012 R2 (including Server Core)
- Add-AuthorityInformationAccess (Alias: Add-AIA)
- Add-CAAccessControlEntry (Alias: Add-CAACL)
- Add-CAKRACertificate
- Add-CATemplate
- Add-CertificateEnrollmentPolicyService
- Add-CertificateEnrollmentService
- Add-CertificateTemplateAcl
- Add-CRLDistributionPoint (Alias: Add-CDP)
- Add-ExtensionList
- Approve-CertificateRequest
- Connect-CertificationAuthority (Alias: Connect-CA)
- Convert-PemToPfx
- Convert-PfxToPem
- Deny-CertificateRequest
- Disable-CertificateRevocationListFlag (Alias: Disable-CRLFlag)
- Disable-InterfaceFlag
- Disable-KeyRecoveryAgentFlag (Alias: Disable-KRAFlag)
- Disable-PolicyModuleFlag
- Enable-CertificateRevocationListFlag (Alias: Enable-CRLFlag)
- Enable-InterfaceFlag
- Enable-KeyRecoveryAgentFlag (Alias: Enable-KRAFlag)
- Enable-PolicyModuleFlag
- Get-ADKRACertificate
- Get-AuthorityInformationAccess (Alias: Get-AIA)
- Get-CACryptographyConfig
- Get-CAExchangeCertificate
- Get-CAKRACertificate
- Get-CASchema
- Get-CASecurityDescriptor (Alias: Get-CAACL)
- Get-CATemplate
- Get-CertificateContextProperty
- Get-CertificateRequest
- Get-CertificateRevocationList (Alias: Get-CRL)
- Get-CertificateRevocationListFlag (Alias: Get-CRLFlag)
- Get-CertificateTemplate
- Get-CertificateTemplateAcl
- Get-CertificateTrustList (Alias: Get-CTL)
- Get-CertificateValidityPeriod
- Get-CertificationAuthority (Alias: Get-CA)
- Get-CryptographicServiceProvider
- Get-CRLDistributionPoint (Alias: Get-CDP)
- Get-CRLValidityPeriod
- Get-DatabaseRow
- Get-EnrollmentPolicyServerClient
- Get-EnterprisePKIHealthStatus
- Get-ErrorMessage
- Get-ExtensionList
- Get-FailedRequest
- Get-InterfaceFlag
- Get-IssuedRequest
- Get-KeyRecoveryAgentFlag (Alias: Get-KRAFlag)
- Get-ObjectIdentifier (Alias: oid)
- Get-ObjectIdentifierEx (Alias: oid2)
- Get-PendingRequest
- Get-PolicyModuleFlag
- Get-RevokedRequest
- Import-LostCertificate
- Install-CertificationAuthority
- New-CertificateRequest
- New-SelfSignedCertificateEx
- Ping-ICertInterface
- Publish-CRL
- Receive-Certificate
- Register-ObjectIdentifier
- Remove-AuthorityInformationAccess (Alias: Remove-AIA)
- Remove-CAAccessControlEntry (Alias: Remove-CAACL)
- Remove-CAKRACertificate
- Remove-CATemplate
- Remove-CertificateEnrollmentPolicyService
- Remove-CertificateEnrollmentService
- Remove-CertificateTemplate
- Remove-CertificateTemplateAcl
- Remove-CRLDistributionPoint (Alias: Remove-CDP)
- Remove-DatabaseRow (Alias: Remove-Request)
- Remove-ExtensionList
- Restart-CertificationAuthority
- Restore-CertificateRevocationListFlagDefault (Alias: Restore-CRLFlagDefault)
- Restore-KeyRecoveryAgentFlagDefault (Alias: Restore-KRAFlagDefault)
- Restore-PolicyModuleFlagDefault
- Revoke-Certificate
- Set-AuthorityInformationAccess
- Set-CACryptographyConfig
- Set-CAKRACertificate
- Set-CASecurityDescriptor (Alias: Set-CAACL)
- Set-CATemplate
- Set-CertificateExtension
- Set-CertificateTemplateAcl
- Set-CertificateValidityPeriod
- Set-CRLDistributionPoint (Alias: Set-CDP)
- Set-CRLValidityPeriod
- Set-ExtensionList
- Show-Certificate
- Show-CertificateRevocationList (Alias: Show-CRL)
- Show-CertificateTrustList (Alias: Show-CTL)
- Start-CertificationAuthority
- Start-PsFCIV
- Stop-CertificationAuthority
- Submit-CertificateRequest
- Test-WebServerSSL
- Uninstall-CertificationAuthority
- Unregister-ObjectIdentifier