开发者

Powershell IIS7 Snap in Assign SSL certificate to https binding

问答 作者:

As part of our automated build procedure we are trashing and reconstructing our IIS site with powershe开发者_运维知识库ll scripts.

Once i have created the AppPool and the website complete with binding information I want to set the SSL certificate for the https binding. I can't find any concrete examples onl;ine anywhere that demonstrate this.

Any ideas?

Looking for a benevolent powershell god...

You can merge previous examples with creation of an https binding in a web site. 

import-module webadministration
$computerName = $Env:Computername
$domainName = $Env:UserDnsDomain
New-WebBinding -Name "MyWebSite" -IP "*" -Port 443 -Protocol https
Get-ChildItem cert:\LocalMachine\My | where { $_.Subject -match "CN\=$Computername\.$DomainName" } | select -First 1 | New-Item IIS:\SslBindings\0.0.0.0!443

Here is how to do it simply:

First identify thecertificate that you want to assign and obtain it's thumbprint

e.g. Your certificate might be in cert:\LocalMachine\Root

You can obtain the thumbprint with the following:

$thumb = (Get-ChildItem cert:\LocalMachine\Root | where-object { $_.Subject -like "YOUR STRING HERE*" } | Select-Object -First 1).Thumbprint

<<< Now one can assign the certificate to an ip address and port comme ci >>>

$IPAddress = 101.100.1.90

$port = 443

Push-Location IIS:\SslBindings

Get-Item cert:\LocalMachine\Root\$thumb | New-Item $IPAddress!$port

Pop-Location

Hope this is of help to anyone

You can make the script simpler like this:

Get-ChildItem cert:\LocalMachine\Root | where { $_.Subject -like "YOUR STRING HERE*" } | select -First 1 | New-Item IIS:\SslBindings\0.0.0.0!443

Use 0.0.0.0 to target all hosted IP's (equivalent to "*" in IIS Manager) or replace it with a specific IP if needed.

I've found an example here on how one can assign the certificate.

http://learn.iis.net/page.aspx/491/powershell-snap-in-configuring-ssl-with-the-iis-powershell-snap-in/

However, it doesn't seem very elegant having to hard code the certificate thumbprint ... so if any one knows of a better method, I'd be glad to hear.

继续阅读:iis-7ssl-certificate

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9