Publish-QADCertificateRevocationList

From PowerGUI Wiki


Publish certificate revocation lists to the CRL distribution point (CDP) container in Active Directory.

This cmdlet is part of the Quest ActiveRoles Server product. Use Get-QARSProductInfo to view information about ActiveRoles Server.


Syntax

Publish-QADCertificateRevocationList [-CAName] <string[]> [-CRL] <CertificateRevocationListUI[]> [-Connection <ArsConnection>] [-ConnectionAccount <string>] [-ConnectionPassword <SecureString>] [-Credential <PSCredential>] [-Forest <string>] [-Proxy] [-Service <string>] [-UseGlobalCatalog] [-Confirm] [-WhatIf] [<CommonParameters>]

Detailed Description

Use this cmdlet to publish certificate revocation lists to the CRL distribution point (CDP) container in the Active Directory configuration naming context. The CDP container is the publication point for the certification authorities' (CA) certificate revocation lists (CRL). Publishing a CA's certificate revocation list to the CDP container enables all domain members to verify the revocation status of certificates issued by the CA. For every Active Directory forest, the CDP container is located in the forest's Configuration naming context, and is therefore replicated to every domain controller in the forest. Note that the CRLs available in the CDP container are not automatically deployed to client computers, so CRLs in this container affect only certificates whose CRL distribution points setting specifies the CDP container as a CRL location.

Publication of a CRL effectively adds the CRL to a certain CRL distribution point (cRLDistributionPoint) object held in a sub-container of the CDP container, with the sub-container normally identified by the NetBIOS name of a particular CA server computer. The cmdlet allows you to specify one or more CA names for a single publish operation.



Parameters

| Name | Description | Required? | Pipeline Input | Default Value |
|---|---|---|---|---|
| CAName | Use this parameter to specify the Certification Authority name for the publish operation. When publishing a certificate revocation list (CRL), the cmdlet adds the CRL to a certain CRL distribution point (cRLDistributionPoint) object in a sub-container of the CDP container, with the sub-container's name identified by the value of this parameter. A parameter value could be the NetBIOS name of the server running the Certification Authority for which you want to publish a certificate revocation list (see examples). | true | true (ByPropertyName) | |
| Connection | For parameter description, see help on the Connect-QADService cmdlet. | false | false | |
| ConnectionAccount | For parameter description, see help on the Connect-QADService cmdlet. | false | false | |
| ConnectionPassword | For parameter description, see help on the Connect-QADService cmdlet. | false | false | |
| Credential | For parameter description, see help on the Connect-QADService cmdlet. | false | false | |
| CRL | Use this parameter to specify the CRL objects representing the certificate revocation lists to publish. This could be output objects of the Import-QADCertificateRevocationList cmdlet (see examples). | true | true (ByValue) | |
| Forest | Use this parameter to identify the Active Directory forest where you want to publish certificate revocation lists. Parameter value is the fully qualified distinguished name of the forest root domain. This parameter only has an effect on the operations being performed through ActiveRoles Server (connection established using the Proxy parameter). In case of a proxy connection, the Forest parameter is required to identify the forest of the target CDP container, since ActiveRoles Server could be configured to manage domains from more than one forest. | false | true (ByPropertyName) | |
| Proxy | For parameter description, see help on the Connect-QADService cmdlet. | false | false | |
| Service | For parameter description, see help on the Connect-QADService cmdlet. | false | false | |
| UseGlobalCatalog | For parameter description, see help on the Connect-QADService cmdlet. | false | false | |
| Confirm | Prompts you for confirmation before executing the command. | false | false | |
| WhatIf | Describes what would happen if you executed the command without actually executing the command. | false | false | |

Examples

EXAMPLE 1

dir c:\crl |
  Import-QADCertificateRevocationList |
  Publish-QADCertificateRevocationList -CAName CA3SRV

Description


Publish the certificate revocation lists from the files located in the c:\crl folder to a CRL distribution point object for the CA server named CA3SRV.
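
A read-back check for the publish operation in EXAMPLE 1, as an added example that is not part of the original wiki page or the Quest documentation: it previews the publish with -WhatIf, publishes, then confirms that each file's bytes are stored on a cRLDistributionPoint object under the CA's sub-container of the CDP container. It assumes the ActiveDirectory (RSAT) module, DER-encoded CRL files, and the standard CN=CDP,CN=Public Key Services,CN=Services location in the Configuration naming context.

```powershell
# Added example, not from the PowerGUI Wiki or Quest documentation.
# CA3SRV and c:\crl come from EXAMPLE 1; the ActiveDirectory (RSAT) module is an assumption.
Import-Module ActiveDirectory

$caName = 'CA3SRV'
$crlDir = 'c:\crl'

function Get-Sha256Hex([byte[]]$Bytes) {
    # Hex SHA-256 of a byte array; $null for an empty or missing attribute value.
    if ($null -eq $Bytes -or $Bytes.Length -eq 0) { return $null }
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try { [System.BitConverter]::ToString($sha.ComputeHash($Bytes)) -replace '-', '' }
    finally { $sha.Dispose() }
}

# 1. Preview what would be written, using the documented -WhatIf switch.
dir $crlDir | Import-QADCertificateRevocationList |
    Publish-QADCertificateRevocationList -CAName $caName -WhatIf

# 2. Publish (same pipeline as EXAMPLE 1).
dir $crlDir | Import-QADCertificateRevocationList |
    Publish-QADCertificateRevocationList -CAName $caName

# 3. Read back every cRLDistributionPoint object in the CA's sub-container of CDP.
$configNC  = (Get-ADRootDSE).configurationNamingContext
$cdpBase   = "CN=$caName,CN=CDP,CN=Public Key Services,CN=Services,$configNC"
$published = Get-ADObject -SearchBase $cdpBase -LDAPFilter '(objectClass=cRLDistributionPoint)' `
        -Properties certificateRevocationList, whenChanged |
    ForEach-Object {
        [pscustomobject]@{
            DN      = $_.DistinguishedName
            Changed = $_.whenChanged
            Hash    = Get-Sha256Hex ([byte[]]$_.certificateRevocationList)
        }
    }

# 4. A file counts as verified only if an object in AD holds byte-identical content.
#    Assumes DER-encoded .crl files; a Base64 (PEM) file will not match byte for byte.
Get-ChildItem $crlDir -File | ForEach-Object {
    $hash  = Get-Sha256Hex ([System.IO.File]::ReadAllBytes($_.FullName))
    $match = $published | Where-Object { $hash -and $_.Hash -eq $hash }
    [pscustomobject]@{
        File        = $_.Name
        Verified    = [bool]$match
        PublishedTo = $match.DN
        Changed     = $match.Changed
    }
}
```

The read-back queries whichever domain controller the ActiveDirectory module binds to, so a file can show as unverified until the Configuration naming context has replicated there.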
