Q: The customer called with a server with multiple IIS sites each with secure bindings using an SSL Certificate that will expire soon. How can they automate updating the bindings on each site?
A: Using this Powershell script, found online, they can run it locally from an elevated Powershell window / or remote script utility. Identify the SSL Thumbprint of the expiring certificate as well as the new certificate. Update lines 2 & 3 accordingly then run it.
# Define Variables
$OldThumbprint = "########################################"
$NewThumbprint = "########################################"
# Search all bindings for old thumprint and replace with newthumbprint
Get-WebBinding | Where-Object { $_.certificateHash -eq $OldThumbprint} | ForEach-Object {
Write-Host "Replacing Cert For " $_
$_.RemoveSslCertificate()
$_.AddSslCertificate($NewThumbprint, 'My')
}
No comments:
Post a Comment