问题
I am using following code to link certificate to SSL binding that I have added
$thumb = (Get-ChildItem cert:\LocalMachine\My | where-object { $_.Subject -like $wildCardSubject } | Select-Object -First 1).Thumbprint
Push-Location IIS:\SslBindings
Get-Item cert:\LocalMachine\My\$thumb | New-Item $ipAddress!$port
Pop-Location
This works fine without any errors. After running this, if I open bindings UI for that website from IIS manager I do not see any certificate attached to the binding. Am I missing anything here?
On a similar topic, if I am using a shared certificate between two websites, what care do I need to take in order to ensure that adding/removing ssl bindings work? I can see following problems where doing this from IIS Manager UI
- When adding second binding, it gives warning saying certificate is already used by other website. I still go ahead and everything works, not sure what happens behind the scene.
- When removing the binding, it gives a warning saying the certificate is used in other binding and removing this binding would make other binding unusable. Even in this case, I proceed and other site seems to work fine
回答1:
Get-Item expects String Value of Thumbprint. Hope this helps.
$Cert = dir cert:\localmachine\my | Where-Object {$_.Subject -like $CertSubject }
$Thumb = $Cert.Thumbprint.ToString()
Push-Location IIS:\SslBindings
New-WebBinding -Name $WebSiteName -IP $IP -Port 443 -Protocol https
Get-Item cert:\LocalMachine\MY\$strThumb | new-item $IP!443
Pop-Location
For the Other two Question, HTTPS Binding is IP+SSLCertificate. So if you want to use Shared Certificate try and use Unique IP for each Binding, doing so will not give you any Warning.
来源:https://stackoverflow.com/questions/19120339/powershell-add-ssl-binding-using-shared-certificate