PowerShell to setup Self-Signed SSL on a Website

on Sunday, July 29, 2012

This is pretty much a reprint of http://learn.iis.net/page.aspx/491/powershell-snap-in-configuring-ssl-with-the-iis-powershell-snap-in/

```powershell
Import-Module WebAdministration

# Setup Certificate Data
$bdate = Get-Date -Format "MM/dd/yyyy"
$edate = ([DateTime]::Now).AddYears(50).ToString("MM/dd/yyyy")

$makecertPath = "C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Bin"
$subject = "CN=www.local.mywebsite.com"

$ipAddress = "127.0.0.7"

# Make the Certificate
#   -r  self-signed             -pe  private key is marked exportable
#   -eku 1.3.6.1.5.5.7.3.1      Server Authentication
#   -ss my -sr localMachine     store the certificate in LocalMachine\My
#   -sp / -sy 12                RSA SChannel provider and its provider type
cd $makecertPath
./makecert.exe -r -pe -n "$subject" -b $bdate -e $edate -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12

# Get the Certificate for PowerShell
$cert = Get-ChildItem cert:\LocalMachine\My | Where-Object {$_.Subject -eq $subject} | Select-Object -First 1
$thumb = $cert.Thumbprint

# Add Certificate to Website
Set-Location IIS:\SslBindings
Get-Item cert:\LocalMachine\My\$thumb | New-Item "$ipAddress!443"
```


Resources:

[1] http://msdn.microsoft.com/en-us/library/bfsktky3.aspx (definition of makecert -sp & -sy)

Commands For Windows Server Core

on Sunday, July 22, 2012

This is a small collection of command line commands that make working with server core easier:

start cmd: open a new command prompt window

taskmgr: the classic command works

notepad: still works, and is always useful

shutdown -l: log off the server

C:\Program Files\Microsoft Network Monitor 3\netmon.exe: If netmon is installed through the GUI setup, the installer adds the directory to the path, which makes it even easier to run. But if you use a command line quiet (/q) install, you need to type out the whole path.

powershell:

Control VPN Connections Through IIS

on Sunday, July 15, 2012

Using IIS as a service provider, you can call Windows' internal Rasdial program to connect, disconnect, and check the status of VPN connections.

Rasdial.exe (http://technet.microsoft.com/en-us/library/ff859533(v=ws.10)) is an internal program which Windows uses to create VPN connections. Its command line interface can also be used to disconnect a connection or check which connections are currently active. This is a small wrapper website that calls Rasdial in order to handle VPN connections from a remote location over HTTP.

To set this up, you’ll need an ASP.NET MVC website, and a few changes. This example is using IIS 7.5, ASP.NET MVC 4, on .NET 4.5.

Once the basic ASP.NET MVC website is created, the updates are:

1) Change the Default route:

```csharp
routes.MapRoute(
    name: "Default",
    url: "{action}/{id}",
    defaults: new { controller = "Vpn", action = "Disconnect", id = UrlParameter.Optional }
);
```

2) Add a VpnController for the default route to use:


```csharp
using System;
using System.Diagnostics;
using System.Web;
using System.Web.Mvc;

namespace mpfiles.VpnReset.Controllers
{
    public class VpnController : Controller
    {
        private const string DefaultName = "vpn connection name";

        public ActionResult Disconnect(string name = DefaultName)
        {
            var arguments = string.Format("\"{0}\" /d", name);
            return HandleRasDial(arguments);
        }

        // name, username and password are placed on the rasdial command line as received.
        public ActionResult Connect(
            string name = DefaultName,
            string username = "username",
            string password = "password"
        ) {
            var arguments = string.Format("\"{0}\" {1} {2}", name, username, password);
            return HandleRasDial(arguments);
        }

        // rasdial with no arguments lists the active connections; name is not used.
        public ActionResult Status(string name = DefaultName)
        {
            return HandleRasDial(string.Empty);
        }

        // Private: a public method here would be reachable through the "{action}/{id}"
        // route and would accept a caller-supplied rasdial argument string.
        private ActionResult HandleRasDial(string arguments)
        {
            var startTime = DateTime.Now;
            // HTML-encode the rasdial output, since it is returned as HTML.
            var message = HttpUtility.HtmlEncode(RasDial(arguments));
            message = message.Replace("\n", "<br />");
            var endTime = DateTime.Now;
            message += "<br />" + String.Format("[{0}]", (endTime - startTime));

            return new ContentResult { Content = message };
        }

        // Private for the same reason as HandleRasDial.
        private string RasDial(string arguments)
        {
            using (var proc = new Process())
            {
                proc.StartInfo.FileName = "rasdial";
                proc.StartInfo.WorkingDirectory = HttpContext.Request.PhysicalApplicationPath;
                proc.StartInfo.Arguments = arguments;
                proc.StartInfo.RedirectStandardError = true;
                proc.StartInfo.RedirectStandardOutput = true;
                proc.StartInfo.UseShellExecute = false;
                proc.StartInfo.CreateNoWindow = true;
                proc.EnableRaisingEvents = false;

                proc.Start();
                var output = proc.StandardOutput.ReadToEnd();
                output += proc.StandardError.ReadToEnd();
                proc.WaitForExit();

                return output;
            }
        }
    }
}
```
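The controller above formats request parameters directly into the rasdial command line. As an added example (not part of the original post), the class below builds the same argument strings only from values that pass validation; the `RasdialArguments` name, the allow-list contents and the sample inputs are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

public static class RasdialArguments
{
    // Hypothetical allow-list: the only phonebook entries this site may control.
    private static readonly HashSet<string> AllowedEntries =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "vpn connection name" };

    // Conservative rules: no quote or control character (could end the quoted token),
    // no leading '/' (could be read as a switch), no trailing '\' (escapes the closing quote).
    private static string Quote(string value, string field)
    {
        if (string.IsNullOrEmpty(value) || value.Length > 256
            || value.Any(c => c == '"' || char.IsControl(c))
            || value.StartsWith("/", StringComparison.Ordinal)
            || value.EndsWith("\\", StringComparison.Ordinal))
            throw new ArgumentException("Rejected value for " + field);
        return "\"" + value + "\"";
    }

    private static string Entry(string name)
    {
        if (name == null || !AllowedEntries.Contains(name))
            throw new ArgumentException("Unknown VPN entry");
        return Quote(name, "name");
    }

    public static string Disconnect(string name)
    {
        return Entry(name) + " /d";
    }
    public static string Connect(string name, string username, string password)
    {
        return Entry(name) + " " + Quote(username, "username")
            + " " + Quote(password, "password");
    }

    public static void Main()
    {
        // Constructed inputs: one normal request, two that try to add extra arguments.
        Console.WriteLine(Connect("vpn connection name", "CORP\\alice", "s3cret pass"));
        foreach (var bad in new[] { "alice\" /x \"", "/x" })
        {
            try { Connect("vpn connection name", bad, "pw"); }
            catch (ArgumentException ex) { Console.WriteLine("blocked: " + ex.Message); }
        }
    }
}
```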

I hope someone else will find this useful.

