Remove-CsCertificate
Removes a certificate previously marked as being available for use by Skype for Business Server. This cmdlet was introduced in Lync Server 2010.
Syntax
Default (Default)
Remove-CsCertificate
[-Type <CertType[]>]
[-NetportId <String>]
[-Force]
[-Report <String>]
[-WhatIf]
[-Confirm]
[[-Identity] <XdsIdentity>]
[-Previous]
[<CommonParameters>]
Description
Skype for Business Server uses certificates as a way for servers and server roles to verify their identities; for example, an Edge Server uses certificates to verify that the computer it is communicating with really is a Front End Server and vice versa. In order to fully implement Skype for Business Server, you will need to have the appropriate certificates assigned to the appropriate server roles.
The Remove-CsCertificate cmdlet provides a way for you to remove certificates currently in use by Skype for Business Server.
The Remove-CsCertificate cmdlet does not actually delete the certificate itself; instead, it marks the certificate as no longer being available for use by Skype for Business Server, removes any certificate bindings and revokes access permissions to the certificate (assuming no other service is using the certificate).
Among other things, this means that the certificate will no longer appear when you run the Get-CsCertificate cmdlet.
To again use the certificate with Skype for Business Server you will need to reassign the certificate to Skype for Business Server by using the Set-CsCertificate cmdlet.
If you try to remove a certificate that is currently in use, the Remove-CsCertificate cmdlet will be ask if you are sure that you want to remove the certificate; the certificate cannot be removed until you respond to that prompt.
To bypass the prompt and silently delete a certificate even if it is currently in use, add the Force parameter to your command:
Remove-CsCertificate -Type WebServicesExternal -Force
Examples
Example 1
Remove-CsCertificate -Type WebServicesExternal
The command shown in Example 1 deletes all the WebServicesExternal certificates available to Skype for Business Server.
If any of these certificates are currently being used, the Remove-CsCertificate cmdlet will ask you if you are sure you want to remove the certificate; you must respond to that prompt before the command can complete.
To bypass the confirmation prompt, use the Force parameter:
Remove-CsCertificate -Type WebServicesExternal -Force
Parameters
-Confirm
Applicable: Lync Server 2010, Lync Server 2013, Skype for Business Server 2015, Skype for Business Server 2019
Prompts you for confirmation before executing the command.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Force
Applicable: Lync Server 2010, Lync Server 2013, Skype for Business Server 2015, Skype for Business Server 2019
Bypasses the confirmation prompt that typically occurs if you attempt to delete a certificate that is currently in use.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Identity
Applicable: Lync Server 2013, Skype for Business Server 2015, Skype for Business Server 2019
When set to Global, removes the certificate from the global scope. When not specified, certificates are removed from the local computer.
Parameter properties
| Type: | XdsIdentity |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | 2 |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-NetportId
Applicable: Lync Server 2010
Reserved for future use. This parameter is for certificates dedicated to a specific port, a scenario not yet supported by Lync Server.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Previous
Applicable: Lync Server 2013, Skype for Business Server 2015, Skype for Business Server 2019
When specified, removes the previously-assigned certificate instead of the currently-assigned certificate.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Report
Applicable: Lync Server 2010, Lync Server 2013, Skype for Business Server 2015, Skype for Business Server 2019
Enables you to record detailed information about the procedures carried out by the Remove-CsCertificate cmdlet.
The parameter value should be the full path to the HTML file to be generated; for example:
-Report C:\Logs\Certificates.html.
If the specified file already exists it will automatically be overwritten with the new information.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Type
Applicable: Lync Server 2010, Lync Server 2013, Skype for Business Server 2015, Skype for Business Server 2019
Type of certificate to be deleted. Certificate types include (but are not limited to):
AccessEdgeExternal
AudioVideoAuthentication
DataEdgeExternal
Default
External
Internal
PICWebService (Skype for Business Online only)
ProvisionService (Skype for Business Online only)
WebServicesExternal
WebServicesInternal
WsFedTokenTransfer
For example, this syntax deletes the Default certificate: -Type Default.
You can delete multiple types in a single command by separating the certificate types with commas:
-Type Internal,External,Default
Parameter properties
| Type: | CertType[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-WhatIf
Applicable: Lync Server 2010, Lync Server 2013, Skype for Business Server 2015, Skype for Business Server 2019
Describes what would happen if you executed the command without actually executing the command.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
None
The Remove-CsCertificate cmdlet does not accept pipelined input.
Outputs
None
Instead, the Remove-CsCertificate cmdlet deletes instances of the Microsoft.Rtc.Management.Deployment.CertificateReference object.