fix: Fixed ssl bindings

This commit is contained in:
Matthew McKinnon 2024-12-06 16:27:18 +10:00
parent 7e00174620
commit d903e50ad2

View File

@ -1,27 +1,45 @@
[CmdletBinding()]
param (
[Parameter(Mandatory)]
[string]$DomainName
)
Import-Module WebAdministration
# Get Certificate # Get Certificate
Write-Host -ForegroundColor Yellow "Importing $DomainName Certificate...."
$Path = ($pwd).Path $Path = ($pwd).Path
$CertificateName = (Get-ChildItem $Path | Where { $_.Name -like "*.crt" }).Name $CertificateName = (Get-ChildItem $Path | Where { $_.Name -like "*$DomainName*.crt" }).Name
certreq -accept "$Path\$CertificateName" #certreq -accept "$Path\$CertificateName"
# Get Certificate details # Get Certificate details
$OldCert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -like "*remote.jwafurniture.com.au*" } | Select-Object -Property Thumbprint, Subject, @{n = 'ExpireInDays'; e = { ($_.notafter - (Get-Date)).Days } } | Where-Object { $_.ExpireInDays -lt 30 } $OldCert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.DnsNameList -like "*$DomainName*" } | Select-Object -Property Thumbprint, Subject, @{n = 'ExpireInDays'; e = { ($_.notafter - (Get-Date)).Days } } | Where-Object { $_.ExpireInDays -lt 300 }
$NewCert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.DnsNameList -like "*$DomainName*" } | Select-Object -Property Thumbprint, Subject, @{n = 'ExpireInDays'; e = { ($_.notafter - (Get-Date)).Days } } | Where-Object { $_.ExpireInDays -gt 300 }
$NewCert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -like "*remote.jwafurniture.com.au*" } | Select-Object -Property Thumbprint, Subject, @{n = 'ExpireInDays'; e = { ($_.notafter - (Get-Date)).Days } } | Where-Object { $_.ExpireInDays -gt 300 } $SelectedSite = Get-WebBinding
# Update IIS Bindings # Remove the existing binding
$bindingInfo = "IIS:\SSLBindings\*!443" Remove-WebBinding -Name "Default Web Site" -Protocol "https"
$newcert | Set-Item -Path $bindingInfo
# Create the binding for the selected site without the certificate
New-WebBinding -Name "Default Web Site" -Protocol "https" -Port 443 -SslFlags 0
# Get the binding for the selected site
$binding = Get-WebBinding -Name "Default Web Site" -Protocol "https"
# Add the new SSL certificate to the binding using Thumbprint
$binding.AddSslCertificate($NewCert.Thumbprint, "My")
#Remove Old Certificate #Remove Old Certificate
$Thumb = $OldCert.Thumbprint $Thumb = $OldCert.Thumbprint
Get-ChildItem Cert:\LocalMachine\My\$Thumb | Remove-Item Get-ChildItem Cert:\LocalMachine\My\$Thumb | Remove-Item
$Cert_PWD = ConvertTo-SecureString -String "Passw0rd!" -Force -AsPlainText #$Cert_PWD = ConvertTo-SecureString -String "Passw0rd!" -Force -AsPlainText
$exportPath = 'exported.pfx' #$exportPath = 'exported.pfx'
$iiscert = Get-ChildItem Cert:\LocalMachine\My\$Thumb #$iiscert = Get-ChildItem Cert:\LocalMachine\My\$Thumb
Export-PfxCertificate -Cert $iiscert -FilePath $exportPath -Password $Cert_PWD -Force #Export-PfxCertificate -Cert $iiscert -FilePath $exportPath -Password $Cert_PWD -Force
Set-RDCertificate -Role RDGateway -ImportPath "$exportPath" -Password $Cert_PWD -Force #Set-RDCertificate -Role RDGateway -ImportPath "$exportPath" -Password $Cert_PWD -Force
Set-RDCertificate -Role RDWebAccess -ImportPath "$exportPath" -Password $Cert_PWD -Force #Set-RDCertificate -Role RDWebAccess -ImportPath "$exportPath" -Password $Cert_PWD -Force
Set-RDCertificate -Role RDRedirector -ImportPath "$exportPath" -Password $Cert_PWD -Force #Set-RDCertificate -Role RDRedirector -ImportPath "$exportPath" -Password $Cert_PWD -Force
Set-RDCertificate -Role RDPublishing -ImportPath "$exportPath" -Password $Cert_PWD -Force #Set-RDCertificate -Role RDPublishing -ImportPath "$exportPath" -Password $Cert_PWD -Force