Certificate Rebind in IIS 8.5
Last post Jul 08, 2018 07:54 AM by romarfm
Jun 30, 2018 07:35 AM|romarfm
I'm trying to rebind an expired public SSL certificate automatically as explained in this article:
My Windows 2012 R2 with IIS 8.5 doesn't rebind automatically. Are there more steps required than mentioned in the article?
I have an expired public wildcard certificate that is bound to a few dozen sites and it would save me a lot of time if the rebind process could be automated.
Thank you in advance for any suggestions.
Jul 02, 2018 03:20 AM|deepakpanchal10
The steps mentioned in the links are enough, and there are no other steps that need to be performed, as far as I know and from my search results.
Make sure that your Windows 2010 R2 has the latest updates installed.
If there are any pending updates available, then try to install them.
Then try again to reproduce the issue.
If the issue persists, then let us know about it.
If you get any error, then also inform us about it.
We will try to provide you further suggestions.
Jul 02, 2018 08:04 AM|romarfm
All the critical Windows updates are installed.
Are the steps mentioned in this article still necessary?
Do I have to create a new certificate services notification tasks and do I have to enable Auto Enrollment settings in the GPO?
I don't see any certificate-renewal event (event ID 1001), but I see several events that a certificate is about to expire (event ID 1003) and that a certificate has expired (event ID 1002).
Jul 03, 2018 03:16 AM|deepakpanchal10
As per the documentation below,
Certificate Rebind in IIS 8.5
IIS 8.5 and later have a new feature that automates the rebinding of a renewed certificate. This feature, called Certificate Rebind, ensures that a certificate will automatically be rebound to a Web site after the certificate has been renewed. You enable this feature for all HTTPS Web sites on a server in the Server Certificates dialog box of the IIS Manager.
Certificate rebind leverages the notification functionality in a Windows 8 and Windows Server 2012 helper mechanism called Certificate Services Lifecycle Notifications. This mechanism creates a system event whenever a certificate-related action takes place, such as when a new certificate is installed, an existing certificate expires or is about to expire, or a certificate is renewed.
So as per the documentation, if you enable this feature then it will do this process by itself and you do not need to perform any steps manually.
But as per your experience, it is not binding the new certificates automatically, so as a workaround you can try to follow the steps and use that PowerShell script to do this operation manually, which may help you to bind the updated certificates.
Jul 08, 2018 07:54 AM|romarfm
I applied your suggested workaround and did the rebind via a PowerShell script.
This was not the solution I was hoping for, but it saved me a few hours of manual work.
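The manual rebind discussed in this thread, as an added example: this is not the script from the article the posters refer to and not code from either poster. It assumes the WebAdministration module, an elevated session, and certificates in the LocalMachine store; the function name `Update-IisCertificateBinding` is hypothetical and the thumbprints are placeholders.

```powershell
# Added example. Swaps every HTTPS binding that still uses the old certificate
# over to the renewed one, after checking the renewed certificate is usable.
Import-Module WebAdministration

function Update-IisCertificateBinding {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$OldThumbprint,
        [Parameter(Mandatory)][string]$NewThumbprint,
        [string]$StoreName = 'My'
    )
    # Thumbprints copied from the certificate dialog often carry spaces or
    # hidden characters; keep only the hex digits.
    $old = ($OldThumbprint -replace '[^0-9A-Fa-f]', '').ToUpper()
    $new = ($NewThumbprint -replace '[^0-9A-Fa-f]', '').ToUpper()

    # Refuse to bind a certificate that is missing, has no private key,
    # or is outside its validity period.
    $cert = Get-Item -Path "Cert:\LocalMachine\$StoreName\$new" -ErrorAction Stop
    $now  = Get-Date
    if (-not $cert.HasPrivateKey) { throw "Certificate $new has no private key." }
    if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
        throw "Certificate $new is not valid on $now."
    }

    # Only touch HTTPS bindings that still reference the old certificate.
    $targets = Get-WebBinding -Protocol https |
        Where-Object { $_.certificateHash -eq $old }
    foreach ($b in $targets) {
        if ($PSCmdlet.ShouldProcess($b.bindingInformation, "Rebind to $new")) {
            $b.RemoveSslCertificate()
            $b.AddSslCertificate($new, $StoreName)
        }
    }

    # Report which certificate each HTTPS binding references afterwards.
    Get-WebBinding -Protocol https |
        Select-Object bindingInformation, certificateHash, certificateStoreName
}

# Dry run first: -WhatIf lists the bindings that would change without changing them.
Update-IisCertificateBinding -OldThumbprint '<OLD_THUMBPRINT>' -NewThumbprint '<NEW_THUMBPRINT>' -WhatIf
```

Run it once with `-WhatIf` to review the affected bindings, then again without it to apply the change.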