Summary
Adds a signing key in PFX format to HP Sure Admin Key Management Service (KMS)
Syntax
Add-HPSureAdminSigningKeyToKMS [-SigningKeyFile] <FileInfo> [[-SigningKeyPassword] <String>] [-KMSAppName] <String> [-AADGroup] <String> [-KeyName] <String> [[-CacheAccessToken]] [<CommonParameters>]
Add-HPSureAdminSigningKeyToKMS [-SigningKeyFile] <FileInfo> [[-SigningKeyPassword] <String>] [-KMSUri] <String> [-AADGroup] <String> [-KeyName] <String> [[-CacheAccessToken]] [<CommonParameters>]
Description
This command extracts a private key from the provided certificate file, generates a JSON for the central-managed enrollment process, and sends it to the HP Sure Admin Key Management Service (KMS). The connection with the KMS server requires the user to authenticate with a valid Microsoft account.
Parameters
Name | Argument | Description |
---|---|---|
SigningKeyFile | <FileInfo> | Specifies the path to the signing key as a PFX file. If the PFX file is protected by a password (recommended), the -SigningKeyPassword parameter should also be provided. |
SigningKeyPassword | <String> | Specifies the signing key file password, if required. |
KMSUri | <String> | Specifies the complete URI for uploading the key (I.e.: https:// |
KMSAppName | <String> | Specifies the application name on Azure KMS server that will be used to compose the URI for uploading the key |
AADGroup | <String> | Specifies the group name in Azure Active Directory that will have access to the key |
KeyName | <String> | |
CacheAccessToken | If specified, the access token is cached in msalcache.dat file and user credentials will not be asked again until the credentials expire. This parameter should be specified for caching the access token when performing multiple operations on the KMS server. If access token is not cached, the user must re-enter credentials on each call of this command. |
Notes
- Supported on Windows Power Shell v5.
- An HP Sure Admin KMS server is required for using this feature.
Examples
PS C:\> Add-HPSureAdminSigningKeyToKMS -SigningKeyFile "$path\signing_key.pfx" -KMSUri "https://MyKMSURI.azurewebsites.net/" -AADGroup "MyAADGroupName"
PS C:\> Add-HPSureAdminSigningKeyToKMS -SigningKeyFile "$path\signing_key.pfx" -SigningKeyPassword "pass" -KMSAppName "MyAppName" -AADGroup "MyAADGroupName"