29
votes

I am trying to use PowerShell to set the SSL certificate on an IIS site for a self signed/local certificate.

I create the certificate:

$newCert = New-SelfSignedCertificate -DnsName www.mywebsite.ru -CertStoreLocation cert:\LocalMachine\My

Then try to set the SSL bindings:

get-item cert:\LocalMachine\MY\$newCert.Thumbprint | new-item -path IIS:\SslBindings\0.0.0.0!443

as shown on this post: http://www.iis.net/learn/manage/powershell/powershell-snap-in-configuring-ssl-with-the-iis-powershell-snap-in

also shown here: Powershell IIS7 Snap in Assign SSL certificate to https binding

I also tried:

get-item cert:\LocalMachine\MY\$newCert.Thumbprint | new-item -path IIS:\SslBindings\*!443

To no avail: I'm not seeing the SSL certificate set in the Edit Site Binding dialog.

Any thoughts?

2
Use IIS:\SslBindings\0.0.0.0!443 instead of IIS:\SslBindings\*!443. When you bind a site to this port, it will use the registered certificate. - Bart Verkoeijen

2 Answers

50
votes

You have to assign the certificate to a specific site.

You can retrieve the binding information of your site using the Get-WebBinding cmdlet and set the SSL Certificate using the AddSslCertificate function:

$siteName = 'mywebsite'
$dnsName = 'www.mywebsite.ru'

# create the ssl certificate
$newCert = New-SelfSignedCertificate -DnsName $dnsName -CertStoreLocation cert:\LocalMachine\My

# get the web binding of the site
$binding = Get-WebBinding -Name $siteName -Protocol "https"

# set the ssl certificate
$binding.AddSslCertificate($newCert.GetCertHashString(), "my")

3
votes

I had the same error as "Chuck D" when using the answer; I found an additional step was required:

The SSL certificate needs to be in the certificate store before adding it to an IIS website binding. This can be done in PowerShell using the following command:

Import-PfxCertificate -FilePath "C:\path to certificate file\certificate.pfx" -CertStoreLocation "Cert:\LocalMachine\My"
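
The two answers combined, as an added example that is not code from any poster in this thread: it checks that the certificate is in Cert:\LocalMachine\My with a private key before binding, then reads the binding back to confirm the hash. Set-SiteCertificate is a hypothetical helper name, and the script assumes an elevated session and a single https binding on the given port.

```powershell
# Added example: bind a certificate to a site's https binding and verify the result.
# 'mywebsite' and 'www.mywebsite.ru' come from the thread; Set-SiteCertificate is a hypothetical name.
Import-Module WebAdministration

function Set-SiteCertificate {
    param(
        [Parameter(Mandatory)] [string] $SiteName,
        [Parameter(Mandatory)] [string] $Thumbprint,
        [int] $Port = 443
    )

    # The certificate must already be in LocalMachine\My and usable for TLS.
    $cert = Get-Item -Path "Cert:\LocalMachine\My\$Thumbprint" -ErrorAction SilentlyContinue
    if (-not $cert)               { throw "Certificate $Thumbprint is not in Cert:\LocalMachine\My" }
    if (-not $cert.HasPrivateKey) { throw "Certificate $Thumbprint has no private key" }
    if ($cert.NotAfter -lt (Get-Date)) { throw "Certificate $Thumbprint expired on $($cert.NotAfter)" }

    # Create the https binding if the site does not have one yet.
    $binding = Get-WebBinding -Name $SiteName -Protocol 'https' -Port $Port
    if (-not $binding) {
        New-WebBinding -Name $SiteName -Protocol 'https' -Port $Port -IPAddress '*'
        $binding = Get-WebBinding -Name $SiteName -Protocol 'https' -Port $Port
    }

    # Skip the call when the binding already points at this certificate.
    if ($binding.certificateHash -ne $Thumbprint) {
        $binding.AddSslCertificate($Thumbprint, 'My')
    }

    # Read the binding back instead of trusting that the call succeeded.
    $check = Get-WebBinding -Name $SiteName -Protocol 'https' -Port $Port
    if ($check.certificateHash -ne $Thumbprint) {
        throw "Binding on '$SiteName' port $Port reports hash '$($check.certificateHash)'"
    }
    $check | Select-Object protocol, bindingInformation, certificateHash, certificateStoreName
}

$newCert = New-SelfSignedCertificate -DnsName 'www.mywebsite.ru' -CertStoreLocation Cert:\LocalMachine\My
Set-SiteCertificate -SiteName 'mywebsite' -Thumbprint $newCert.Thumbprint
```

For a certificate imported with Import-PfxCertificate, pass the Thumbprint of the object that cmdlet returns instead of creating a self-signed one.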