4

I can create a web site in IIS using e.g. the following command:

appcmd add site
  -name:portallocal
  -physicalPath:"C:\dev\projects\mysite"
  -bindings:https/127.0.0.1:444:mysite.dev

But how can I also select an SSL certificate?

I'd like the highlighted dropdown shown below to have the correct SSL certificate selected, and I'd like to do it from the command-line, preferably as part of the add site command. if there's an additional command I can run, that's fine too, but I want to not have to go into the IIS Manager application and select the SSL certificate manually.

screenshot

Svish
  • 7,527

2 Answers2

4

Was able to do figure it out. Seems one needs to use a different command:

netsh http add sslcert
  hostnameport=mysite.dev:444
  certhash=<hash/fingerprint of certificate>
  certstorename=my
  appid={f66e756c-145d-48c0-84d5-91a6a8e1900e}

What really confused me here, was the appid, as the app id for my site was 1, but here there's a guid, and I couldn't figure out where to find the guid of my web site. Turns out, this guid, is apparently one you just make up yourself...

Svish
  • 7,527
0

Using PowerShell + netsh:

$certificateName = 'example.com'
$thumbprint = Get-ChildItem -path cert:\LocalMachine\My | where { $_.Subject.StartsWith("CN=$certificateName") } | Select-Object -Expand Thumbprint
$guid = [guid]::NewGuid().ToString("B")
netsh http add sslcert ipport="0.0.0.0:443" certhash=$thumbprint certstorename=MY appid="$guid"

If you need a named binding, replace netsh call with this:

netsh http add sslcert hostnameport="$certificateName:443" certhash=$thumbprint certstorename=MY appid="$guid"
AliT
  • 1