IIS SSL Setup using PowerShell | Self Signed Certificate | Host Binding

Enabling SSL (Self Signed) on your webserver using Power Shell scripts for Local Environment

This stuff is a piece of cake for most of us though, would like to share this as per my friend request

 

1. Using this Web Administration module, we can perform web hosting operations & detailed information available in this link (https://docs.microsoft.com/en-us/powershell/module/webadministration/?view=windowsserver2022-ps#webadministration)

 

Import-Module WebAdministration

 

2. once the module is installed, we can use the below script to create the self-signed certificate, and let’s keep the temp variable ‘binding’ for cert name

 

$binding = "*.build.mysite"

 

$cert = New-SelfSignedCertificate -DnsName "$binding" -CertStoreLocation "cert:\LocalMachine\My"

 

3. Retrieve the destination store & keep the object in ‘destStore’

$DestStore = new-object System.Security.Cryptography.X509Certificates.X509Store([System.Security.Cryptography.X509Certificates.StoreName]::Root,"localmachine")

 

4. Lets open the connection for an updates

$DestStore.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)

 

5. Let’s add the cert in the selected Store & close the connection

$DestStore.Add($cert)

$DestStore.Close()

 

6. Review the created cert

 

$cert = Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object {$_.Subject -eq "CN=$binding"}

 

$cert[0].Thumbprint

 

7. Interesting part now let’s do some devOps stuff adding the binding to the website using

  

$siteName = \"portal.dev.local"

  

New-WebBinding -Name $siteName -Protocol "https" -Port 443 -IPAddress * -HostHeader $binding -SslFlags 1

(Get-WebBinding -Name $siteName -Port 443 -Protocol "https" -HostHeader $binding).AddSslCertificate($cert.Thumbprint, "my")