?
Solved

Add a certificate to IIS global "Server Certificates" list using PowerShell?

Posted on 2012-03-19
8
Medium Priority
?
876 Views
Last Modified: 2012-04-17
Hi,

Been surfing the web for an example on how to add a certificate to the "global" IIS "Server Certificates" list using PowerShell but to no luck. I already have code in place on how to tie / associate a specific website with a specific cert but not how to add the new .cer file using the "Complete Certificate Request..." wizard using PowerShell.... I dont expect the final code to become published but if someone had an idea on how to integrate / get an entry point on where to interact between the "Server Certificate" list in IIS and POSH I would be super happy! :|
 
I am runnign IIS on a Windows 2008R2 x64 Standard Edition if that helps..... of course, I would settle for an CLI if there is no other way, but POSH is of course the way to go! :)
 
Thanks for the help in advance guys, take care!
0
Comment
Question by:Kandium
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 42

Expert Comment

by:sedgwick
ID: 37738347
0
 
LVL 42

Expert Comment

by:sedgwick
ID: 37738359
please check jgovednik post here:

http://forums.iis.net/t/1172382.aspx
0
 

Author Comment

by:Kandium
ID: 37742324
We are wanting to add a *.cer file and not a *.pfx file, but yes... the function below does work with a pfx file.

function Add-SSLCertificate{
param([string]$pfxPath,[string]$pfxPassword,[string]$hostHeader,[string]$siteName)

$certMgr = New-Object -ComObject IIS.CertObj -ErrorAction SilentlyContinue 
$certMgr.ImportToCertStore($pfxPath,$pfxPassword,$true,$true)

Import-Module WebAdministration;
New-WebBinding -Name $siteName -Port 443 -Protocol https -HostHeader $hostHeader 
}

Open in new window


Also - Yes, we have explored the IIS PowerShell Snap-in and could not find anything to work natively.

Thanks!
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 42

Expert Comment

by:sedgwick
ID: 37742553
what i'd is convert *.pfx to *.cer format either by certificate manager in Windows Management Console or using pvkimprt tool:
http://www.microsoft.com/download/en/details.aspx?displaylang=EN&id=6563
and then using the powershell script above.

also check the following link:
http://www.ehow.com/how_8586664_convert-cer-pfx.html
0
 
LVL 42

Expert Comment

by:sedgwick
ID: 37793121
hi,

did u get any progress with your issue?
do u need any further help?

cheers
0
 

Author Comment

by:Kandium
ID: 37796034
Hey,

The tool specified "pvkimprt" does not exist in Windows Server 2008R2 and doing it graphically isn't a solution we are looking for, we need this to be done all through scripting.

We are now also talking to Microsoft for a solution for this one as well and the question has been escalated.

Thanks again!
0
 
LVL 42

Accepted Solution

by:
sedgwick earned 1500 total points
ID: 37796146
well, i used this tool in server2008R2, you can download it from here http://www.microsoft.com/download/en/details.aspx?id=6563
also check this post which describes how to create Code Signing Certificate on Windows Server 2008 with OpenSSL and pvkimprt.
http://blog.webactivedirectory.com/create-a-code-signing-certificate-on-windows-server-2008-with-openssl-and-pvkimprt/

>>doing it graphically isn't a solution we are looking for
what do u mean?

you can have the powershell script run the pvkimprt and passing required parameters in command line, make the conversion and running the rest of the script. so basically you got it all in a single PS script.
0
 

Author Comment

by:Kandium
ID: 37855476
Thanks segwick, that solution will work and we will use it since we have not heard back from MS
0

Featured Post

Learn how to optimize MySQL for your business need

With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Previously, on our Nano Server Deployment series, we've created a new nano server image and deployed it on a physical server in part 2. Now we will go through configuration.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question