question

LukeUhren-6505 avatar image
0 Votes"
LukeUhren-6505 asked cooldadtx commented

WIndows Server IIS Web Binding Powershell

I am wondering how to go about setting the web binding to a specific certificate via powershell in IIS.

Example here would be the web binding on the default web site as when I renew the cert and export it in, this will show not selected
99507-image.png



For the commands I have seen researching don't seem to work.

Example here

Import-Module Webadministration
$IPAddress = ''
$sitename = "sitename.ca"
Remove-WebBinding -Name "Default Web Site" -Protocol "https" -IPAddress $IPAddress -Port 443 -HostHeader $sitename
New-WebBinding -Name "Default Web Site" -Protocol "https" -IPAddress $IPAddress -Port 443 -HostHeader $sitename -SslFlags 1
$SSLCert = Get-ChildItem –Path "cert:\LocalMachine\My" | Where-Object {$.subject -like 'cn=sitename.ca' -and $.Issuer -Like "CN=R3
"}

Then the below I have seen to try and add the cert will just give the error Cannot find drive. A drive with the name 'IIS' does not exist

New-Item -Path "IIS:\SslBindings*!443!$sitename" -Value $SSLCert

What is the correct syntax to assign a SSL certificate in the edit site binding via powershell that I am missing?

Any help is greatly appreicated!

windows-server-iis
image.png (5.3 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

cooldadtx avatar image
0 Votes"
cooldadtx answered

Use the -Thumbprint argument instead of Value. Since $SSLCert is the actual cert object specify the Thumbprint property when setting it. Something like this might work but you might need to play around with it a little bit.

New-Item -Path "..." -Thumbprint $SSLCert.Thumbprint
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

LukeUhren-6505 avatar image
0 Votes"
LukeUhren-6505 answered cooldadtx commented

I did try it and did not work. I have found the following and all did not work. I am on server 2012 R2 and IIS version 8.5

New-Item -Path "IIS:\SslBindings$IPAddress!443!$sitename" -Thumbprint $thumbprint
-error "New-Item: A parameter cannot be found that matches parameter name 'Thumbprint'"

New-Item -Path "IIS:\SslBindings*!443!$sitename" -Value $SSLCert
-error "New-Item: Cannot find drive. A drive with the name 'IIS' does not exist."

netsh http add sslcert
-error "wont allow me to use * as the ip which its set to"

get-item cert:\LocalMachine\MY\$thumbprint | new-item $IPAddress!443
-error "syntax is incorrect"

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

It doesn't seem like the IIS PS provider is installed because it cannot find the IIS provider. That is what WebAdministration provides though which leads me to believe you are not running the script as an admin. You need elevated permissions for it to be able to access the IIS information.


Import-Module WebAdministration

Get-ChildItem "IIS:\Sites"
0 Votes 0 ·