PowerShell to setup Self-Signed SSL on a Website

Posted by Steven Maglio on Sunday, July 29, 2012

This is pretty much a reprint of http://learn.iis.net/page.aspx/491/powershell-snap-in-configuring-ssl-with-the-iis-powershell-snap-in/

Import-Module WebAdministration

# Setup Certificate Data
$bdate = Get-Date -Format "MM/dd/yyyy"
$edate = ([DateTime]::Now).AddYears(50).ToString("MM/dd/yyyy")

$makecertPath = "C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Bin"
$subject = "CN=www.local.mywebsite.com"

$ipAddress = "127.0.0.7"

# Make the Certificate
cd $makecertPath
./makecert.exe -r -pe -n "$subject" -b $bdate -e $edate -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12

# Get the Certificate for PowerShell
$cert = Get-ChildItem cert:\LocalMachine\My | Where-Object {$_.Subject -eq $subject} | Select-Object -First 1
$thumb = $cert.Thumbprint

# Add Certificate to Website
Set-Location IIS:\SslBindings
Get-Item cert:\LocalMachine\My\$thumb | New-Item $ipAddress!443


Resources:



[1] http://msdn.microsoft.com/en-us/library/bfsktky3.aspx (definition of makecert –sp & –sy)

Labels: ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Creative Commons License
This site uses Alex Gorbatchev's SyntaxHighlighter, and hosted by herdingcode.com's Jon Galloway.