Removes existing Authority Information Access (AIA) URI from Certification Authority configuration.
Remove-AuthorityInformationAccess [-InputObject] <AuthorityInformationAccess[]> [[-URI] <String[]>] [<CommonParameters>]
Removes existing Authority Information Access (AIA) URI from Certification Authority configuration. This command doesn't change actual settings, but just prepares AIA URIs.
You should carefully choose URIs to remove. If you incorrectly remove working and used URIs issued certificates validation may fail and certificate will be rejected.
Specifies the AIA object to process. This object can be retrieved by running Get-AuthorityInformationAccess command.
Required? | True |
Position? | 0 |
Default value | |
Accept pipeline input? | true (ByValue, ByPropertyName) |
Accept wildcard characters? | False |
Specifies exact or partial pattern for URI to remove. This parameter accepts wildcards: '*' and '?'.
* - is used as multiple character wildcard
? - is used as single character wildcard
Note: be careful with this command. If you remove existing and working URLs certificate chain building may fail.
Required? | False |
Position? | 1 |
Default value | |
Accept pipeline input? | false |
Accept wildcard characters? | False |
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, InformationAction, InformationVariable,
WarningAction, WarningVariable, OutBuffer, PipelineVariable and OutVariable.
For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/?LinkID=113216).
PKI.CertificateServices.AuthorityInformationAccess
PKI.CertificateServices.AuthorityInformationAccess
Author: Vadims Podans
Blog: https://www.sysadmins.lv
PS C:\> Get-CertificationAuthority -Name MyCA | Get-AuthorityInformationAccess | Remove-AuthorityInformationAccess -URI "*c:\windows*" | Set-AuthorityInformationAccess -RestartCA
This example will remove all AIA URIs that contains "c:\windows" pattern. After command completion certificate services will be restarted to immediately apply changes.
PS C:\> Get-CertificationAuthority -Name MyCA | Get-AuthorityInformationAccess | Remove-AuthorityInformationAccess -URI "*ldap://*" | Set-AuthorityInformationAccess -RestartCA
This example will remove all URIs that are used for CRT file publication and/or retrieval from Active Directory. After command completion certificate services will be restarted to immediately apply changes.
Get-CertificationAuthority
Connect-CertificationAuthority
Get-AuthorityInformationAccess
Add-AuthorityInformationAccess
Set-AuthorityInformationAccess