Kandium
asked on
Add a certificate to IIS global "Server Certificates" list using PowerShell?
Hi,
Been surfing the web for an example on how to add a certificate to the "global" IIS "Server Certificates" list using PowerShell but to no luck. I already have code in place on how to tie / associate a specific website with a specific cert but not how to add the new .cer file using the "Complete Certificate Request..." wizard using PowerShell.... I dont expect the final code to become published but if someone had an idea on how to integrate / get an entry point on where to interact between the "Server Certificate" list in IIS and POSH I would be super happy! :|
I am runnign IIS on a Windows 2008R2 x64 Standard Edition if that helps..... of course, I would settle for an CLI if there is no other way, but POSH is of course the way to go! :)
Thanks for the help in advance guys, take care!
Been surfing the web for an example on how to add a certificate to the "global" IIS "Server Certificates" list using PowerShell but to no luck. I already have code in place on how to tie / associate a specific website with a specific cert but not how to add the new .cer file using the "Complete Certificate Request..." wizard using PowerShell.... I dont expect the final code to become published but if someone had an idea on how to integrate / get an entry point on where to interact between the "Server Certificate" list in IIS and POSH I would be super happy! :|
I am runnign IIS on a Windows 2008R2 x64 Standard Edition if that helps..... of course, I would settle for an CLI if there is no other way, but POSH is of course the way to go! :)
Thanks for the help in advance guys, take care!
ASKER
We are wanting to add a *.cer file and not a *.pfx file, but yes... the function below does work with a pfx file.
Also - Yes, we have explored the IIS PowerShell Snap-in and could not find anything to work natively.
Thanks!
function Add-SSLCertificate{
param([string]$pfxPath,[string]$pfxPassword,[string]$hostHeader,[string]$siteName)
$certMgr = New-Object -ComObject IIS.CertObj -ErrorAction SilentlyContinue
$certMgr.ImportToCertStore($pfxPath,$pfxPassword,$true,$true)
Import-Module WebAdministration;
New-WebBinding -Name $siteName -Port 443 -Protocol https -HostHeader $hostHeader
}
Also - Yes, we have explored the IIS PowerShell Snap-in and could not find anything to work natively.
Thanks!
what i'd is convert *.pfx to *.cer format either by certificate manager in Windows Management Console or using pvkimprt tool:
http://www.microsoft.com/download/en/details.aspx?displaylang=EN&id=6563
and then using the powershell script above.
also check the following link:
http://www.ehow.com/how_8586664_convert-cer-pfx.html
http://www.microsoft.com/download/en/details.aspx?displaylang=EN&id=6563
and then using the powershell script above.
also check the following link:
http://www.ehow.com/how_8586664_convert-cer-pfx.html
hi,
did u get any progress with your issue?
do u need any further help?
cheers
did u get any progress with your issue?
do u need any further help?
cheers
ASKER
Hey,
The tool specified "pvkimprt" does not exist in Windows Server 2008R2 and doing it graphically isn't a solution we are looking for, we need this to be done all through scripting.
We are now also talking to Microsoft for a solution for this one as well and the question has been escalated.
Thanks again!
The tool specified "pvkimprt" does not exist in Windows Server 2008R2 and doing it graphically isn't a solution we are looking for, we need this to be done all through scripting.
We are now also talking to Microsoft for a solution for this one as well and the question has been escalated.
Thanks again!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks segwick, that solution will work and we will use it since we have not heard back from MS
http://learn.iis.net/page.aspx/491/powershell-snap-in-configuring-ssl-with-the-iis-powershell-snap-in/