IIS (Internet Information Services) web server in Windows OS is used to host static or dynamic websites. To get the trust of users of your website, it’s very important that the website has an SSL certificate. In PowerShell, binding a certificate to the IIS site is a straightforward process.
In PowerShell, the New-WebBinding cmdlet is used to create an SSL binding to the IIS website.
In this article, we will discuss how to install the SSL certificate on the IIS website.
Create an SSL Binding Certificate for the IIS Site
Use the task-based cmdlets called New-WebBinding to add the SSL binding to the IIS website.
Run the following PowerShell script to deploy the SSL binding to the website.
New-WebBinding -Name "HMITest" -IP "*" -Port 443 -Protocol https
In the above PowerShell script, the New-WebBinding cmdlet uses the Name
parameter to specify the site name as “HMITest”, IP address, and Port as 443 with protocol as HTTPS to create SSL binding to the site.
The output of the above PowerShell script creates an SSL binding, to get the SSL binding run the following command.
Get-WebBinding 'HMITest'
In the above PowerShell script, the Get-WebBinding cmdlet uses the site name to retrieve the SSL binding collection for the specified website.
The output of the above PowerShell script is:
HMITest website in IIS has HTTP and HTTPS binding collections.
Bind SSL Certificate to IIS Site in PowerShell
To bind the SSL certificate to the IIS site, CD into the IIS:\SslBindings directory and retrieve existing SSL bindings.
PS C:\> IIS: PS IIS:\> cd .\SslBindings\
Refer to the article on how to create a self-signed certificate in PowerShell where we have created an SSL certificate and stored it in the LocalMachine\My store
.
Use the certificate thumbprint to get the certificate details and bind the SSL certificate to the IP address 0.0.0.0 and SSL port 443.
PS IIS:\SslBindings\> get-item Cert:\LocalMachine\MY\88BBB210E2F12DAA9D38AF8254E528F1F3886C7A | New-Item 0.0.0.0!443
In the above PowerShell script, the Get-Item cmdlet uses the Cert:\ store to get a certificate by certificate hash and passes the certificate details to the New-Item cmdlet. The New-Item cmdlet binds the SSL certificate to the IP address and SSL port number 443.
The output of the above PowerShell script to associate a certificate with the IIS site is:
PS IIS:\SslBindings\> get-item Cert:\LocalMachine\MY\88BBB210E2F12DAA9D38AF8254E528F1F3886C7A | New-Item 0.0.0.0!443
IP Address Port Host Name Store Sites
---------- ---- --------- ----- -----
0.0.0.0 443 MY HMITest
SSL certificate is successfully associated with the IIS website. Run the website with https://localhost
Cool Tip: How to get IIS certificates and SSL bindings in PowerShell!
Conclusion
I hope the above article on how to bind an SSL certificate to the IIS site in PowerShell is helpful to you.
You can find more topics about PowerShell Active Directory commands and PowerShell basics on the ShellGeek home page.