I am completely new to Windows PowerShell. I am trying to change the IIS's default web site's SSL settings from Required SSL = false and client certificate = ignore
to Required SSL = true and client certificate = accept
using powershell (I have to configure it to ansible playbook) I have searched but didn't get any solution.
Kindly help. Any leads or solution will be appreciated. :) Thank You
Use the Set-WebConfiguration
cmdlet. There's a great configuration reference on IIS.NET that you can use to find the valid values - in this case Ssl
and SslNegotiateCert
:
Set-WebConfiguration -Location "[sitename]" -Filter 'system.webserver/security/access' -Value 'Ssl,SslNegotiateCert'
Actually, Set-WebConfiguration
does not work on attributes in a reliable manner.
What you instead want to use is:
$cfgSection = Get-IISConfigSection -Location "{siteName}/{appName}" -SectionPath "system.webServer/security/access";
Set-IISConfigAttributeValue -ConfigElement $cfgSection -AttributeName "sslFlags" -AttributeValue "Ssl, SslNegotiateCert";
Note that after you use Set-IISConfigAttributeValue
(and commit the change, if you're doing a delayed commit), you can't use that instance of $cfgSection to make subsequent changes; you'll have to fetch another instance first.
PS: If you want to see what's in the config before you mess with it (or afterwards), the authoritative settings are here: C:\\Windows\\System32\\inetsrv\\config\\applicationHost.config
Or you can continue the above code and add Get-IISConfigAttributeValue -ConfigElement $cfgSection -AttributeName "sslFlags";
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.