🟣KeySpec

Specifies whether the private key associated with the new certificate can be used for signing, encryption, or both.

Determines if the key can be used for signatures, for Exchange (encryption), or for both.

These values are only used for Microsoft's Certreq command:

Value Description

Value	Description
`AT_NONE`	Indicates that this cmdlet uses the default value from the underlying CSP.
`AT_SIGNATURE`	Can be used for signing.
`AT_KEYEXCHANGE`	Can be used for signing and encryption.

AT_NONE

Indicates that this cmdlet uses the default value from the underlying CSP.

AT_SIGNATURE

Can be used for signing.

AT_KEYEXCHANGE

Can be used for signing and encryption.

❊ Notes

If unsure, use AT_KEYEXCHANGE.

KeySpec = "AT_KEYEXCHANGE"

Last updated 1 year ago