Assigning a certificate to an ip port [Answered]RSS

2 replies

Last post Jan 04, 2011 03:51 AM by suchiwa

  • Assigning a certificate to an ip port

    Nov 11, 2010 08:27 AM|rkr31|LINK

    Hi

    I need to assign a cert to an ip for ssl in IIS.  The page:  http://learn.iis.net/page.aspx/491/powershell-snap-in-configuring-ssl-with-the-iis-powershell-snap-in/ kind of tells me what i need to do under the "Assigning the Certificate to the IP:Port of the IIS Binding" heading.  The problem is that i dont know which hash to use.  This will be fully scripted so we will have no idea of the hash and there are going to be lots of certificates.

    If i run the command dir cert:\localmachine\my i get the following :

    Directory: Microsoft.PowerShell.Security\Certificate::localmachine\my

    Thumbprint                                Subject
    ----------                                -------
    C4DF036D3F5FBFB8CF6FE6C943BB465770221AA3  CN=win0004.site.com, OU=IT, O=MY Company4, L=Londo
    AD742D16B85F89860C98D70735BD1492BDF3D14C  CN=somweb01.site.com, OU=IT, O=MY Company4, L=Londo
    9DD5EF844BCD755049EDD67C1691EE8C65AE2375  CN=somweb01.site.com, OU=IT, O=MY Company4, L=Londo

    Now....How can i run the following but using the known Subject field rather then the hash.  In actual fact, only the CN part of the subject

    PS IIS:\SslBindings> get-item cert:\LocalMachine\MY\7ABF581E134280162AFFFC81E62011787B3B19B5 | new-item 192.168.1.1!443

     Thanks in advance

    Richard

  • Re: Assigning a certificate to an ip port

    Nov 11, 2010 09:27 AM|rkr31|LINK

  • Re: Assigning a certificate to an ip port

    Jan 04, 2011 03:51 AM|suchiwa|LINK

    Hi,

    Could help you :

     Without certificates services in your network, use selfSSL

    selfSSL /T /N:CN=<CERTIFICATENAME> /V:365 /S:1

    and then:

     

    $thumbPath = ls cert:\LocalMachine\My
    $certHash=$thumbPath[0].thumbprint

     Where you can specify your certificate with [0,1,2,3...]


    ssl hash