Best IT Recipes

How to Assign an SSL Certificate to an IIS7 Site from the Command Line

Can you tell me if it is possible or not to assign an SSL certificate to a website in IIS7 using the APPCMD application?

I know the command to set the HTTPS binding

appcmd set site /site.name:"A Site" /+bindings.[protocol='https',bindingInformation='*:443:www.mysite.com']

and how to get current mappings

 %windir%\system32\inetsrv\Appcmd

but cannot find a way to map the site to a certificate (e.g. hash certificates)

+49
ssl iis iis-7 ssl-certificate appcmd
Feb 26 '09 at 17:37
source share
4 answers

The answer is to use NETSH. for example

 netsh http add sslcert ipport=0.0.0.0:443 certhash='baf9926b466e8565217b5e6287c97973dcd54874' appid='{ab3c58f7-8316-42e3-bc6e-771d4ce4b201}'
+49
May 7, '09 at 11:44
source share
— -

It helped me a lot: a simple Sukesh Ashok Kumar guide to configure SSL for IIS from the command line. Enables certificate import / creation using certutil / makecert .

http://www.awesomeideas.net/post/How-to-configure-SSL-on-IIS7-under-Windows-2008-Server-Core.aspx

EDIT: if the source URL is omitted, it is still available

+15
Oct 17 2018-10-17
source share

Using PowerShell and the WebAdministration module, you can do the following to assign an SSL certificate to an IIS site:

 # ensure you have the IIS module imported Import-Module WebAdministration cd IIS:\SslBindings Get-Item cert:\LocalMachine\My\7ABF581E134280162AFFFC81E62011787B3B19B5 | New-Item 0.0.0.0!443

Remarks ... the value "7ABF581E134280162AFFFC81E62011787B3B19B5" is the fingerprint of the certificate you want to import. Therefore, you must first import it into the certificate store. The New-Item cmdlet accepts an IP address (0.0.0.0 for all IP addresses) and a port.

See http://learn.iis.net/page.aspx/491/powershell-snap-in-configuring-ssl-with-the-iis-powershell-snap-in/ for details.

I tested this on Windows Server 2008 R2, as well as in a preliminary release of Windows Server 2012.

+8
Aug 07 '12 at 19:55
source share

@David and @orip have this right.

However, I would like to mention that the ipport parameter specified in the example (0.0.0.0-00-0043) is that MSDN calls "an unspecified address (IPv4: 0.0.0.0 or IPv6: [::])".

I went looking for him, so I decided that I would write here to save someone else. This article focuses on SQL Server, but the information is still relevant:

http://msdn.microsoft.com/en-us/library/ms186362.aspx

+4
Dec 01 2018-11-12T00:
source share


More articles:


All Articles