New-CATemplate

SYNOPSIS

Create a new certificate template

SYNTAX

New-CATemplate [-TemplateName] <String> [[-DisplayName] <String>] [-SourceTemplateName] <String>
 [[-ApplicationPolicy] <String[]>] [[-EnrollmentFlags] <EnrollmentFlags>]
 [[-PrivateKeyFlags] <PrivateKeyFlags>] [[-KeyUsage] <KeyUsage>] [[-Version] <Int32>]
 [[-ValidityPeriod] <TimeSpan>] [[-RenewalPeriod] <TimeSpan>] [<CommonParameters>]

DESCRIPTION

Create a new certificate template from a source template

EXAMPLES

Example 1

PS C:\> New-CATemplate -TemplateName WebServerCustom -DisplayName "Custom Web Server" -SourceTemplateName WebServer -RenewalPeriod 60.00:00:00

Duplicates the template WebServer with the new name WebServerCustom and a renewal period of 60 days

PARAMETERS

-ApplicationPolicy

The application policies ot assign

Type: String[]
Parameter Sets: (All)
Aliases:
Accepted values: EFS_RECOVERY, Auto Update CA Revocation, No OCSP Failover to CRL, OEM_WHQL_CRYPTO, Windows TCB Component, DNS Server Trust, Windows Third Party Application Component, ANY_APPLICATION_POLICY, KP_LIFETIME_SIGNING, Disallowed List, DS_EMAIL_REPLICATION, LICENSE_SERVER, KP_KEY_RECOVERY, Windows Kits Component, AUTO_ENROLL_CTL_USAGE, PKIX_KP_TIMESTAMP_SIGNING, Windows Update, Document Encryption, KP_CTL_USAGE_SIGNING, IPSEC_KP_IKE_INTERMEDIATE, PKIX_KP_IPSEC_TUNNEL, Code Signing, KP_KEY_RECOVERY_AGENT, KP_QUALIFIED_SUBORDINATION, Early Launch Antimalware Driver, Remote Desktop, WHQL_CRYPTO, EMBEDDED_NT_CRYPTO, System Health Authentication, DRM, PKIX_KP_EMAIL_PROTECTION, KP_TIME_STAMP_SIGNING, Protected Process Light Verification, Endorsement Key Certificate, KP_IPSEC_USER, PKIX_KP_IPSEC_END_SYSTEM, LICENSES, Protected Process Verification, IdMsKpScLogon, HAL Extension, KP_OCSP_SIGNING, Server Authentication, Auto Update End Revocation, KP_EFS, KP_DOCUMENT_SIGNING, Windows Store, Kernel Mode Code Signing, ENROLLMENT_AGENT, ROOT_LIST_SIGNER, Windows RT Verification, NT5_CRYPTO, Revoked List Signer, Microsoft Publisher, Platform Certificate, Windows Software Extension Verification, KP_CA_EXCHANGE, PKIX_KP_IPSEC_USER, Dynamic Code Generator, Client Authentication, DRM_INDIVIDUALIZATION

Required: False
Position: 3
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-DisplayName

The display name of the template

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 1
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-EnrollmentFlags

The enrollment flags to assign, e.g. Autoenrollment

Type: EnrollmentFlags
Parameter Sets: (All)
Aliases:
Accepted values: None, IncludeSymmetricAlgorithms, CAManagerApproval, KraPublish, DsPublish, AutoenrollmentCheckDsCert, Autoenrollment, ReenrollExistingCert, RequireUserInteraction, RemoveInvalidFromStore, AllowEnrollOnBehalfOf, IncludeOcspRevNoCheck, ReuseKeyTokenFull, BasicConstraintsInEndEntityCerts, IgnoreEnrollOnReenrollment, IssuancePoliciesFromRequest

Required: False
Position: 4
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-KeyUsage

The key usage, e.g. KEY_ENCIPHERMENT for a document encrypt cert usable by CMS

Type: KeyUsage
Parameter Sets: (All)
Aliases:
Accepted values: NO_KEY_USAGE, ENCIPHER_ONLY_KEY_USAGE, CRL_SIGN, KEY_CERT_SIGN, KEY_AGREEMENT, DATA_ENCIPHERMENT, KEY_ENCIPHERMENT, NON_REPUDIATION, DIGITAL_SIGNATURE, DECIPHER_ONLY_KEY_USAGE

Required: False
Position: 6
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-PrivateKeyFlags

The private key flags, e.g. AllowKeyExport

Type: PrivateKeyFlags
Parameter Sets: (All)
Aliases:
Accepted values: None, RequireKeyArchival, AllowKeyExport, RequireStrongProtection, RequireAlternateSignatureAlgorithm, ReuseKeysRenewal, UseLegacyProvider, TrustOnUse, ValidateCert, ValidateKey, Preferred, Required, WithoutPolicy, xxx

Required: False
Position: 5
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-RenewalPeriod

The renewal period

Type: TimeSpan
Parameter Sets: (All)
Aliases:

Required: False
Position: 9
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-SourceTemplateName

The template to duplicate

Type: String
Parameter Sets: (All)
Aliases:

Required: True
Position: 2
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-TemplateName

The new template name

Type: String
Parameter Sets: (All)
Aliases:

Required: True
Position: 0
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ValidityPeriod

The validity period

Type: TimeSpan
Parameter Sets: (All)
Aliases:

Required: False
Position: 8
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Version

The version of the template

Type: Int32
Parameter Sets: (All)
Aliases:

Required: False
Position: 7
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

INPUTS

None

OUTPUTS

System.Object

NOTES