diff --git a/New-SanCertificate.ps1 b/New-SanCertificate.ps1 index 53ebddd..9f933ef 100644 --- a/New-SanCertificate.ps1 +++ b/New-SanCertificate.ps1 @@ -5,7 +5,7 @@ Generates a self-signed certificate to be used by IIS for HTTPS communications .DESCRIPTION Generates a SAN self-signed certificate to be used by IIS for HTTPS communications. -The certificate will be automatically trusted by the local machine and assigned to the HTTPS binding of IIS for the default site. +The certificate will be automatically trusted by the local machine and assigned to the HTTPS binding of the defined IIS site. The certificate by default will include the following items in the SAN for the cert: Hostname @@ -19,6 +19,9 @@ IP Addresses to include in the Certificate. If not provided, the script will gat .PARAMETER AdditionalDnsNames Specifies additional DNS names that should be added to the certificate +.PARAMETER SiteName +Site name of the IIS site that should have the HTTPS binding configured. Defaults to Default Web Site + .PARAMETER Validity Defines the validity of the certificate in years. Defaults to 15 years @@ -41,6 +44,10 @@ param ( $AdditionalDnsNames, [Parameter(Mandatory=$false)] [ValidateNotNullOrEmpty()] + [string] + $SiteName = "Default Web Site", + [Parameter(Mandatory=$false)] + [ValidateNotNullOrEmpty()] [int] $Validity = 15 ) @@ -112,13 +119,13 @@ Import-Certificate -CertStoreLocation cert:\LocalMachine\Root -FilePath $Exporte if (Get-Command -Name "Get-WebBinding" -ErrorAction SilentlyContinue) { # Setup https binding if it is not configured - if ($null -eq (Get-WebBinding -Name "Default Web Site" -Protocol "https")) { + if ($null -eq (Get-WebBinding -Name $SiteName -Protocol "https")) { Write-Verbose "Creating IIS Binding on Default Web Site" - New-WebBinding -Name "Default Web Site" -IPAddress "*" -Port 443 -Protocol "https" + New-WebBinding -Name $SiteName -IPAddress "*" -Port 443 -Protocol "https" } # Assign to IIS Binding - (Get-WebBinding -Name "Default Web Site" -Port 443 -Protocol "https").AddSslCertificate($GeneratedCert.Thumbprint, "my") + (Get-WebBinding -Name $SiteName -Port 443 -Protocol "https").AddSslCertificate($GeneratedCert.Thumbprint, "my") } else { Write-Warning "IIS not installed so the binding was not configured`n" diff --git a/README.md b/README.md index 023d846..9061599 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,12 @@ # New-SanCertificate -Generates a self-signed certificate to be used by IIS for HTTPS communications +Generates a SAN self-signed certificate to be used by IIS for HTTPS communications. +The certificate will be automatically trusted by the local machine and assigned to the HTTPS binding of the defined IIS site. ## Requirements - Must be running as an admin -- IIS must be installed for it to set the binding on the Default site +- IIS must be installed for it to set the binding on the site ## Variables @@ -13,6 +14,7 @@ Generates a self-signed certificate to be used by IIS for HTTPS communications | ------------------ | -------- | ---------------------------- | ------- | ---------------------------------------------------------------------- | | IpAddress | No | IPv4 addresses of the system | | IP Addresses to include in the Certificate | | AdditionalDnsNames | No | | | Specifies additional DNS names that should be added to the certificate | +| SiteName | No | Default Web Site | | Defines the website that will have the IIS binding configured | | Validity | No | 15 | | Defines the validity of the certificate in years | ## Example