From d903e50ad215194d97a692e6f3b04d3862812941 Mon Sep 17 00:00:00 2001
From: Matthew McKinnon
Date: Fri, 6 Dec 2024 16:27:18 +1000
Subject: [PATCH] fix: Fixed ssl bindings
---
 general/Accept-CSR.ps1 | 48 +++++++++++++++++++++++++++++-------------
 1 file changed, 33 insertions(+), 15 deletions(-)
diff --git a/general/Accept-CSR.ps1 b/general/Accept-CSR.ps1
index 2e9cee1..edbe86a 100644
--- a/general/Accept-CSR.ps1
+++ b/general/Accept-CSR.ps1
@@ -1,27 +1,45 @@
+[CmdletBinding()]
+param (
+ [Parameter(Mandatory)]
+ [string]$DomainName
+)
+
+Import-Module WebAdministration
+
 # Get Certificate
+Write-Host -ForegroundColor Yellow "Importing $DomainName Certificate...."
 $Path = ($pwd).Path
-$CertificateName = (Get-ChildItem $Path | Where { $_.Name -like "*.crt" }).Name
-certreq -accept "$Path\$CertificateName"
+$CertificateName = (Get-ChildItem $Path | Where { $_.Name -like "*$DomainName*.crt" }).Name
+#certreq -accept "$Path\$CertificateName"
 # Get Certificate details
-$OldCert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -like "*remote.jwafurniture.com.au*" } | Select-Object -Property Thumbprint, Subject, @{n = 'ExpireInDays'; e = { ($_.notafter - (Get-Date)).Days } } | Where-Object { $_.ExpireInDays -lt 30 }
+$OldCert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.DnsNameList -like "*$DomainName*" } | Select-Object -Property Thumbprint, Subject, @{n = 'ExpireInDays'; e = { ($_.notafter - (Get-Date)).Days } } | Where-Object { $_.ExpireInDays -lt 300 }
+$NewCert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.DnsNameList -like "*$DomainName*" } | Select-Object -Property Thumbprint, Subject, @{n = 'ExpireInDays'; e = { ($_.notafter - (Get-Date)).Days } } | Where-Object { $_.ExpireInDays -gt 300 }
-$NewCert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -like "*remote.jwafurniture.com.au*" } | Select-Object -Property Thumbprint, Subject, @{n = 'ExpireInDays'; e = { ($_.notafter - (Get-Date)).Days } } | Where-Object { $_.ExpireInDays -gt 300 }
+$SelectedSite = Get-WebBinding
-# Update IIS Bindings
-$bindingInfo = "IIS:\SSLBindings\*!443"
-$newcert | Set-Item -Path $bindingInfo
+# Remove the existing binding
+Remove-WebBinding -Name "Default Web Site" -Protocol "https"
+
+# Create the binding for the selected site without the certificate
+New-WebBinding -Name "Default Web Site" -Protocol "https" -Port 443 -SslFlags 0
+
+# Get the binding for the selected site
+$binding = Get-WebBinding -Name "Default Web Site" -Protocol "https"
+
+# Add the new SSL certificate to the binding using Thumbprint
+$binding.AddSslCertificate($NewCert.Thumbprint, "My")
 #Remove Old Certificate
 $Thumb = $OldCert.Thumbprint
 Get-ChildItem Cert:\LocalMachine\My\$Thumb | Remove-Item
-$Cert_PWD = ConvertTo-SecureString -String "Passw0rd!" -Force -AsPlainText
-$exportPath = 'exported.pfx'
-$iiscert = Get-ChildItem Cert:\LocalMachine\My\$Thumb
-Export-PfxCertificate -Cert $iiscert -FilePath $exportPath -Password $Cert_PWD -Force
-Set-RDCertificate -Role RDGateway -ImportPath "$exportPath" -Password $Cert_PWD -Force
-Set-RDCertificate -Role RDWebAccess -ImportPath "$exportPath" -Password $Cert_PWD -Force
-Set-RDCertificate -Role RDRedirector -ImportPath "$exportPath" -Password $Cert_PWD -Force
-Set-RDCertificate -Role RDPublishing -ImportPath "$exportPath" -Password $Cert_PWD -Force
+#$Cert_PWD = ConvertTo-SecureString -String "Passw0rd!" -Force -AsPlainText
+#$exportPath = 'exported.pfx'
+#$iiscert = Get-ChildItem Cert:\LocalMachine\My\$Thumb
+#Export-PfxCertificate -Cert $iiscert -FilePath $exportPath -Password $Cert_PWD -Force
+#Set-RDCertificate -Role RDGateway -ImportPath "$exportPath" -Password $Cert_PWD -Force
+#Set-RDCertificate -Role RDWebAccess -ImportPath "$exportPath" -Password $Cert_PWD -Force
+#Set-RDCertificate -Role RDRedirector -ImportPath "$exportPath" -Password $Cert_PWD -Force
+#Set-RDCertificate -Role RDPublishing -ImportPath "$exportPath" -Password $Cert_PWD -Force
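Review bot: Nothing checks that `$NewCert` resolved to exactly one certificate before `Remove-WebBinding` drops the existing https binding, so a filter that matches no certificate or several (`*$DomainName*` is a substring match, and `-gt 300` is only a heuristic for "new") leaves Default Web Site without a working TLS binding once `AddSslCertificate` fails. I would add `if (@($NewCert).Count -ne 1) { throw "Expected exactly one new certificate for $DomainName" }` ahead of the removal. The cleanup at the end needs the same care: with `$OldCert` empty, `Cert:\LocalMachine\My\$Thumb` appears to resolve to the store root, so the pipeline into `Remove-Item` could delete every certificate in LocalMachine\My, and the wider `-lt 300` window makes a match on an unrelated certificate more likely; guarding it with `if ($Thumb) { ... }` and comparing the DNS name exactly would contain that. The commented-out PFX export still carries the literal password string, so those lines are better deleted than commented out.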