This page is retired and no longer updated. Project documentation and download links are moved to their new home: PowerShell PKI Module.
This command requires installed Remote Server Administration Tools (RSAT)

Restore-CertificateRevocationListFlagDefault

Synopsis

Restores default CA certificate revocation list (CRL) configuration flags.

Syntax

Restore-CertificateRevocationListFlagDefault [-InputObject] <CRLFlag[]> [-RestartCA] [<CommonParameters>]

Description

Restores default CA certificate revocation list (CRL) configuration flags and discards any previous CRL flag modifications. This command is helpful in the case of incorrect configuration or you want to stay "default".

By default only these flags are enabled:
DeleteExpiredCRLs - deletes CRLs signed by the expired CA keys.

Parameters

-InputObject <CRLFlag[]>

Specifies existing CRLFlag object. This object can be retrieved by running Get-CertificateRevocationListFlag command.

Required? True
Position? 0
Default value
Accept pipeline input? true (ByValue, ByPropertyName)
Accept wildcard characters? False

-RestartCA <SwitchParameter>

Restarts CA service on the specified CA server to immediately apply changes.

Required? False
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? False

<CommonParameters>

This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, InformationAction, InformationVariable,
WarningAction, WarningVariable, OutBuffer, PipelineVariable and OutVariable.
For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/?LinkID=113216).

Inputs

PKI.CertificateServices.Flags.CRLFlag

Outputs

PKI.CertificateServices.Flags.CRLFlag

Notes

Author: Vadims Podans
Blog: https://www.sysadmins.lv

Examples

Example 1

PS C:\> Get-CertificationAuthority ca01.company.com | Get-CRLFlag | Restore-CRLFlagDefault -RestartCA

The command restores default flags for CA CRL configuration for CA server running on ca01.company.com computer. After the configuration is changed, the command will restart certificate services to immediately apply changes.

Related links

Get-CertificationAuthority
Connect-CertificationAuthority
Get-CertificateRevocationListFlag
Enable-CertificateRevocationListFlag
Disable-CertificateRevocationListFlag

Minimum PowerShell version support

  • PowerShell 3.0

Operating System Support

  • Windows Server 2003 all editions
  • Windows Server 2008 all editions
  • Windows Server 2008 R2 all editions
  • Windows Server 2012 all editions
  • Windows Server 2012 R2 all editions
  • Windows Server 2016 all editions

Share this article: