New-Certificate Cmdlet
Parameters Output Objects Configuration Settings
The New-Certificate cmdlet is used to create new X.509 certificates in a certificate store.
Syntax
New-Certificate [parameters]
Remarks
To create a new certificate in a store, the CertStore and CertStoreType parameters must be specified. You can also specify the CertStorePassword parameter if the store so requires it. Subject and SerialNumber would specify the subject and serial number of the new certificate.
If IssuerSubject is specified, the new certificate will be issued using the selected root certificate, which
must have a private key available. Otherwise, a self-signed certificate will be created.
# Create new certificate in the user storenew-certificate -CertStore MY -CertStoreType User -Subject 'CN=Test' -SerialNumber 1235 -IssuerSubject $issuerParameter List
The following is the full list of the parameters of the cmdlet with short descriptions. Click on the links for further details.
| LogFile | The location of a file to which debug information is written. |
| CertStore | The name of the certificate store for the client certificate. |
| CertStorePassword | The password for the certificate store (if any). |
| CertStoreType | The type of certificate store for the client certificate. |
| Config | Specifies one or more configuration settings. |
| IssuerSubject | Specifies the subject of the issuer certificate. |
| LogFile | The location of a file to which debug information is written. |
| SerialNumber | Specifies the serial number. |
| Subject | Specifies the subject of the certificate to create. |
Output Objects
The following is the full list of the output objects returned by the cmdlet with short descriptions. Click on the links for further details.
| Certificate | This object contains all the information about a certificate. |
Configuration Settings
The following is a list of configuration settings for the cmdlet with short descriptions. Click on the links for further details.
| CertComment | A comment to include in a saved certificate. |
| CertificateOutputFormat | The format of the certificate to save. |
| CertKeyLength | The public key length for created certificates and keys. |
| CertKeyType | The types of keys created for new certificates. |
| CertPublicKeyAlgorithm | The public key algorithm used when a certificate is created. |
| CertSignatureAlgorithm | The signature algorithm used when creating certificates. |
| CertValidityTime | The validity period for the certificate. |
| CertValidityOffset | The number of days until the certificate becomes valid. |
| CSP | The Cryptographic Service Provider. |
| ExportedCert | The exported certificate file. |
| ExportFormat | The format of the exported certificate. |
| ImportCertAction | Specified the action to take if a matching certificate or a link to a matching certificate already exists. |
| JWKAlgorithm | The JWK algorithm. |
| JWKKeyId | The JWK key Id. |
| JWKKeyOps | The JWK intended key operations list. |
| JWKUse | The JWK use parameter value. |
| KeyFormat | How the public and private key are formatted. |
| ReplaceKey | Whether or not to replace an existing key when creating a new key. |
| RequestSubjectAltNames | Subject Alternative Names for a Certificate Signing Request. |
| SavedCert | The saved certificate file. |
| SubjectAltNames | Subject Alternative Names for creating or issuing certificates. |
| UseBackgroundThread | Whether threads created by the cmdlet are background threads. |
| UseInternalSecurityAPI | Tells the cmdlet whether or not to use the system security libraries or an internal implementation. |