Link to home
Avatar of enthuguy
enthuguyFlag for Australia

asked on

Windows Server 2016 SSL Certificate

Hi Windows Server experts,

Just need a general guidance on this scenario pls

In AWS EC2 Windows Server 2016 (serverA), have manually installed softwares,  imported/configured SSL certificates, etc for one of my application, my application works fine in https....all good at this stage.

As you know, in AWS, we have an option to create an AMI (Snapshot) from an EC2. Using this AMI we can create subsequent servers instances (serverB, serverC, etc , so we dont have to reinstall and configure softwares once again.

My Request is:
If I launch and create new EC2 Windows server based on above AMI, Do I have to perform anything extra for SSL certificates to work on serverB, serverC, so on? would that works as it was working on the serverA.

please suggest. and advice.

Thanks in advance
Avatar of Joshua Grantom
Joshua Grantom
Flag of United States of America image

How are the certificates used? Are they added to trusted certificates or are they used to authenticate the server?
Avatar of enthuguy

ASKER

HI Joshua,

They are imported into certificate store "Web Hosting" using

I'm getting familiar in SSL :)
ASKER CERTIFIED SOLUTION
Avatar of Joshua Grantom
Joshua Grantom
Flag of United States of America image

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Thanks Joshua,
Yes, it is a wildcard certificate.

Yes, it is domain joined (spot on joshua)

Could you provide a link on sysprep that you are suggesting please?

are you talking about this?
PS C:\> C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\InitializeInstance.ps1 -Schedule
PS C:\> C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\SendEventLogs.ps1 -Schedule

Open in new window

I would follow Amazon best practice to sysprep. It's pretty straight forward.

https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ami-create-standard.html
Thanks Joshua,
Since we use wild card, it worked and thx for the sysprep. I was able to create a clean AMI after that.