I am trying to use PowerShell to set the SSL certificate on an IIS site for a self signed\/local certificate.
$newCert =
New-SelfSignedCertificate
-DnsName www.mywebsite.ru
-CertStoreLocation cert:\LocalMachine\My
You have to assign the certifcate to a specific site.
You can retrieve the binding information of your site using the Get-WebBinding cmdlet and set the SSL Certificate using the AddSslCertificate
function:
$siteName = 'mywebsite'
$dnsName = 'www.mywebsite.ru'
# create the ssl certificate
$newCert = New-SelfSignedCertificate -DnsName $dnsName -CertStoreLocation cert:\LocalMachine\My
# get the web binding of the site
$binding = Get-WebBinding -Name $siteName -Protocol "https"
# set the ssl certificate
$binding.AddSslCertificate($newCert.GetCertHashString(), "my")
I had the same error as "Chuck D" when using the answer, I found an additional step was required:
The SSL certificate needs to be in the certificate store before binding to adding to an IIS website binding. This can be done in powershell using the following command:
Import-PfxCertificate -FilePath "C:\path to certificate file\certificate.pfx" -CertStoreLocation "Cert:\LocalMachine\My"
The AddSslCertificate method not available everywhere. I found different solution by using Netsh.
$iisCert = Get-ChildItem -Path "Cert:\LocalMachine\MY" `
| Where-Object { $_.FriendlyName -eq "IIS Express Development Certificate" } `
| Select-Object -First 1
$applicationId = [Guid]::NewGuid().ToString("B")
netsh http add sslcert ipport=0.0.0.0:443 certhash=$($iisCert.Thumbprint) appid=$applicationId
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.