|
20 | 20 | <meta property="og:site_name" content="docs.dbatools.io" /> |
21 | 21 | <meta property="og:locale" content="en_US" /> |
22 | 22 | <meta name="twitter:text:title" content="dbatools docs: Add-DbaComputerCertificate" /> |
23 | | - |
| 23 | + |
24 | 24 | <meta name="twitter:image" content="https://docs.dbatools.io/assets/thumbs/Add-DbaComputerCertificate.png"> |
25 | 25 | <meta name="twitter:card" content="summary_large_image"> |
26 | | - |
| 26 | + |
27 | 27 | <meta name=twitter:creator content="@psdbatools"> |
28 | 28 | <meta name=twitter:title content="dbatools docs: Add-DbaComputerCertificate"> |
29 | 29 | <meta property="twitter:site" content="@psdbatools" /> |
|
145 | 145 | } |
146 | 146 | $(document).ready(function () { |
147 | 147 | function render_doc(doc_to_render, examples_mode) { |
148 | | - |
| 148 | + |
149 | 149 | $("#rendered h5").each(function (i, el) { |
150 | 150 | if ($(el).text().startsWith('-')) { |
151 | 151 | $(el).addClass('param') |
|
180 | 180 | } |
181 | 181 |
|
182 | 182 |
|
183 | | - //not all code is a block |
| 183 | + //not all code is a block |
184 | 184 | $("#rendered h3[id*='-parameters']").nextAll().find('code').addClass('hljs-inline') |
185 | 185 | $('#rendered #description').nextUntil('#rendered #syntax').find('code').addClass('hljs-inline') |
186 | 186 | } |
|
393 | 393 |
|
394 | 394 | <nav class="navbar navbar-expand-md customnav"> |
395 | 395 | <a href="https://docs.dbatools.io/" class="navbar-brand" rel="home" itemprop="url"> |
396 | | - <img width="265" height="64" src="https://dbatools.io/images/dbatools-docs.png" |
| 396 | + <img width="265" height="64" src="https://dbatools.io/wp-content/uploads/2018/09/dbatools-docs.png" |
397 | 397 | class="custom-logo" alt="dbatools" itemprop="logo" scale="0"> |
398 | 398 | </a> |
399 | 399 | <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarCollapse" |
@@ -488,6 +488,7 @@ <h2 id="synopsis">Synopsis</h2> |
488 | 488 | <p>Imports X.509 certificates into the Windows certificate store on local or remote computers.</p> |
489 | 489 | <h2 id="description">Description</h2> |
490 | 490 | <p>Imports X.509 certificates (including password-protected .pfx files with private keys) into the specified Windows certificate store on one or more computers. This function is essential for SQL Server TLS/SSL encryption setup, Availability Group certificate requirements, and Service Broker security configurations.</p> |
| 491 | +<p>When importing PFX files, the function imports the entire certificate chain, including intermediate certificates. This ensures proper certificate validation and prevents issues when using certificates with Set-DbaNetworkCertificate or other certificate-dependent operations.</p> |
491 | 492 | <p>The function handles both certificate files from disk and certificate objects from the pipeline, supports remote installation via PowerShell remoting, and allows you to control import behavior through various flags like exportable/non-exportable private keys. By default, certificates are installed to the LocalMachine\My (Personal) store with exportable and persistent private keys, which is the standard location for SQL Server service certificates.</p> |
492 | 493 | <h2 id="syntax">Syntax</h2> |
493 | 494 | <pre><code>Add-DbaComputerCertificate |
@@ -524,6 +525,13 @@ <h5 id="example-4">Example: 4</h5> |
524 | 525 | <pre><code>PS C:\> Add-DbaComputerCertificate -ComputerName sql01 -Path C:\temp\sql01.pfx -Confirm:$false -Flag NonExportable |
525 | 526 | </code></pre> |
526 | 527 | <p>Adds the local C:\temp\sql01.pfx to sql01's LocalMachine\My (Personal) certificate store and marks the private key as non-exportable. Skips confirmation prompt.<br></p> |
| 528 | +<h5 id="example-5">Example: 5</h5> |
| 529 | +<pre><code>PS C:\> $password = Read-Host "Enter the SSL Certificate Password" -AsSecureString |
| 530 | +PS C:\> Add-DbaComputerCertificate -ComputerName sql01 -Path C:\cert\fullchain.pfx -SecurePassword $password |
| 531 | +PS C:\> Get-DbaComputerCertificate -ComputerName sql01 | Where-Object Subject -match "letsencrypt" | Set-DbaNetworkCertificate -SqlInstance sql01 |
| 532 | +</code></pre> |
| 533 | +<p>Imports a Let's Encrypt certificate with the full chain (including intermediate certificates) from a PFX file, then configures SQL Server to use it. The full chain import ensures that <br> |
| 534 | +Set-DbaNetworkCertificate can properly set permissions on the certificate.<br></p> |
527 | 535 | <h3 id="optional-parameters">Optional Parameters</h3> |
528 | 536 | <h5 id="computername">-ComputerName</h5> |
529 | 537 | <p>The target computer or computers where certificates will be installed. Accepts server names, FQDNs, or IP addresses.<br /> |
@@ -736,7 +744,7 @@ <h5 id="flag">-Flag</h5> |
736 | 744 | Exportable<br /> |
737 | 745 | Imported keys are marked as exportable.<br /> |
738 | 746 | NonExportable<br /> |
739 | | -Expliictly mark keys as nonexportable.<br /> |
| 747 | +Explicitly mark keys as nonexportable.<br /> |
740 | 748 | PersistKeySet<br /> |
741 | 749 | The key associated with a PFX file is persisted when importing a certificate.<br /> |
742 | 750 | UserProtected<br /> |
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments