Internet Information Services
Microsoft web server software.
1,316 questions
NB: the NEWcertificate.pfx certificate has already been successfully imported into IIS
iis - ssl certificate replace with powershell
mc se
1
Reputation point
Hello everybody.
I have this situation:
IIS with many sites with an SSL certificate associated with it (OLDcertificate.pfx)
I have this goal:
exchange the SSL certificate associated on multiple sites in IIS (with the new NEWcertificate.pfx)
I would kindly ask if anyone can help me locate the commands to do this task with powershell.
At the moment I am trying with these commands:
Get-WebBinding
Get-ChildItem -Path Cert: LocalMachine \ MY
$ OLDCertificateThumbprint = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
$ NEWCertificateThumbprint = "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy"
Get-WebBinding | Where-Object {$ _. CertificateHash -eq $ OLDCertificateThumbprint} | ForEach-Object {Write-Host "Working on" $ _ $ _. RemoveSslCertificate () $ _. AddSslCertificate ($ NEWCertificateThumbprint, 'My')}
but it does not work.
thanks !
{count} votes
-
Bruce Zhang-MSFT 3,676 Reputation points
2022-04-14T02:27:35.607+00:00 Hi @mc se ,
but it does not work.
Is there any error message reported? If it cannot work, powershell will return some text with red color so that you can know what error is in the scripts.
I followed the scripts in this blog. It uses two commands to remove the binding of the old certificate and then add the binding of the new certificate, instead of performing two operations in one command. You'd better separate these two operations into two commands as well.
Get-Item IIS:\SslBindings\10.238.82.89!443 | Remove-Item get-item -Path "cert:\LocalMachine\My\$certShop" | new-item -path IIS:\SslBindings\10.238.82.89!443
Sign in to comment