Get-FasKeyConfig
Synopsis
Gets the key configuration for the given certificate type
Syntax
Get-FasKeyConfig -CertificateType <String> [-Address <String>] [-UserName <String>] [-Password <String>]
[<CommonParameters>]
<!--NeedCopy-->
Description
The key configuration is used when creating the key-pair associated with a certificate generated by FAS.
There are two types of certificate that FAS can generate, namely RA (Registration Authority) and User certificates.
This command retrieves the key configuration used when creating a key-pair for the specified certificate type.
The following fields are returned:
- CertificateType: whether this is the configuration for a user or RA certificate
- Ksp: flag to indicate whether the provider is a KSP or CSP
- Provider: the name of the provider used to create and store key-pairs
- CspType: the type of CSP (applicable only when Ksp is false), for example: PROV_RSA_AES is 24
- Length: the key length in bits
- EllipticCurve: if true, Elliptic Curve keys are created, otherwise RSA keys are created
- Prefix: an optional prefix for the identifiers of key-pairs created by FAS
- Exportable: whether the private key can be exported from the provider
- IsDefaultSoftwareProvider: flag indicating whether the default provider is being used (i.e. ‘Microsoft Software Key Storage Provider’)
- IsDefaultTpmProvider: flag indicating whether the default TPM provider is being used (i.e. ‘Microsoft Platform Crypto Provider’)
- Algorithm: indication of whether RSA or ECC keys are created (corresponds to the value of the EllipticCurve flag)
Examples
Example 1
PS C:\> Get-FasKeyConfig -Address localhost -CertificateType user
<!--NeedCopy-->
Fetches the key configuration used to create the key-pair for a user certificate
Example 2
PS C:\> Get-FasKeyConfig -Address localhost -CertificateType ra
<!--NeedCopy-->
Fetches the key configuration used to create the key-pair for an ra certificate
Parameters
-CertificateType
The type of certificate to retrieve key configuration for.
Valid options are ‘ra’ or ‘user’.
Type: String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
<!--NeedCopy-->
-Address
Address of FAS Server (or $NULL to use $CitrixFasAddress)
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
<!--NeedCopy-->
-UserName
User name for authentication to FAS server.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
<!--NeedCopy-->
-Password
Password for authentication to FAS server
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
<!--NeedCopy-->
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
None
Outputs
Citrix.Authentication.FederatedAuthenticationService.PowerShell.KeyConfiguration.Models.FasKeyConfiguration
The Key Configuration