You can configure how PowerCLI responds when a server certificate is not valid.
Use the
InvalidCertificateAction parameter of the
Set-PowerCLIConfiguration cmdlet to configure how
PowerCLI responds to invalid server certificates.
Procedure
- Run Get-PowerCLIConfiguration and view the current setting of the InvalidCertificateAction parameter.
- To change the setting, run
Set-PowerCLIConfiguration -InvalidCertificateAction and specify one of the following values.
Unset. This is the default value and corresponds to Fail.Fail. PowerCLI does not establish a connection if a certificate is not valid.Ignore. PowerCLI ingnores certificate validity and establishes a connection.Warn. PowerCLI logs a warning message that a certificate is not valid, displays additional information about the certificate, and establishes the connection.Prompt. If a server certificate is not valid, PowerCLI prompts you to choose an action before it continues. You can choose one of the following options.
| Option |
Action |
| Deny (default) |
Cancel the server connection. |
| Accept Once |
Establish the server connection and suppress further warnings for the current PowerShell session. |
| Accept Permanently |
Save the server certificate in the PowerCLI Trusted Certificate Store for the current user and establish the server connection. |
| Accept For All Users |
Save the server certificate both in the current user's Trusted Certificate Store and in the all users' Trusted Certificate Store and establish the server connection. |
Note: For Linux and macOS, only the
Fail and
Ignore options are supported.
A warning message prompts you to confirm the operation. Press Y and then press Enter to confirm your choice.
Results
You configured the invalid server certificate action setting. PowerCLI displays a table with the updated configuration settings.
Trusted certificates are saved in the PowerCLI Trusted Certificate Store.
What to do next
Use PowerCLI to connect to a server system.
