after-update-cert.ps1
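#Requires -RunAsAdministrator
<#
.SYNOPSIS
    Imports a renewed PFX into Cert:\LocalMachine\My and re-points matching
    IIS HTTPS bindings at the newly imported certificate.

.DESCRIPTION
    Inputs are taken from environment variables:
      CERT_PATH_PFX  Path of the PFX file to import.
      CERT_DOMAIN    Domain whose bindings should be updated. A binding is
                     updated only when the subject of its currently bound
                     certificate starts with "CN=<CERT_DOMAIN>".

    If the WebAdministration module is not available the IIS step is skipped.
    The previously bound certificate is left in the store; this script does
    not remove it.
#>

# Fail before touching the store if the path was never provided; otherwise the
# import fails and the IIS loop below would run with a null $newCert.
if ([string]::IsNullOrWhiteSpace($env:CERT_PATH_PFX))
{
    throw "CERT_PATH_PFX is not set; nothing to import."
}

Write-Output "PFX file path: $env:CERT_PATH_PFX"

# No -Password is passed. If the PFX is not passphrase-protected, the file
# itself is the private key: confirm its ACLs and whether it should be deleted
# after import. -Exportable is not passed either, so the imported private key
# is not marked exportable.
# -ErrorAction Stop turns an import failure into a terminating error so no
# binding is rewritten with a missing thumbprint.
$newCert = Import-PfxCertificate -FilePath "$env:CERT_PATH_PFX" -CertStoreLocation Cert:\LocalMachine\My -ErrorAction Stop
if ((-not $newCert) -or [string]::IsNullOrEmpty($newCert.Thumbprint))
{
    throw "Import-PfxCertificate returned no certificate for '$env:CERT_PATH_PFX'."
}

# A property access inside a double-quoted string needs $( ); plain
# "$newCert.Thumbprint" expands $newCert and appends the literal ".Thumbprint".
Write-Output "Imported certificate to localmachine: $($newCert.Thumbprint)"

# Script for IIS
if (Get-Module -ListAvailable -Name Webadministration)
{
    # With CERT_DOMAIN empty the prefix below would be just "CN=" and every
    # HTTPS binding on the host would be re-pointed at the new certificate.
    if ([string]::IsNullOrWhiteSpace($env:CERT_DOMAIN))
    {
        throw "CERT_DOMAIN is not set; refusing to update IIS bindings."
    }

    Import-Module Webadministration
    Write-Output "Updating certificate for IIS"

    # NOTE(review): this is a prefix match, so CERT_DOMAIN=example.com also
    # matches a subject such as "CN=example.com.internal". Tighten to an exact
    # CN comparison if certificates with overlapping names exist on this host.
    $subjectPrefix = "CN=$env:CERT_DOMAIN"
    $hostname = hostname

    foreach ($site in (Get-ChildItem -Path IIS:\Sites))
    {
        foreach ($binding in $site.Bindings.Collection)
        {
            if ($binding.protocol -ne 'https')
            {
                continue
            }

            # With an empty hash the lookup path would be the store root, and
            # -Recurse would return every certificate in it; the first one
            # would then be mistaken for this binding's certificate.
            if ([string]::IsNullOrEmpty($binding.certificateHash))
            {
                Write-Output "Skipping site: `"$($site.name)`", binding: `"$($binding.bindingInformation)`": no certificate is bound"
                continue
            }

            $search = "Cert:\LocalMachine\My\$($binding.certificateHash)"
            # @() keeps .Count and [0] well-defined when one item comes back.
            $certs = @(Get-ChildItem -Path $search -Recurse)

            if (($certs.Count -gt 0) -and ($certs[0].Subject.StartsWith($subjectPrefix)))
            {
                Write-Output "Updating $hostname, site: `"$($site.name)`", binding: `"$($binding.bindingInformation)`", current cert: `"$($certs[0].Subject)`", Expiry Date: `"$($certs[0].NotAfter)`""
                $binding.AddSslCertificate($newCert.Thumbprint, "my")
            }
        }
    }
}
else
{
    Write-Host "IIS Module Webadministration does not exist, ignore"
}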