From 6ac08f56f44c013fe5bd0b9f3b7fbfcbd61e70d6 Mon Sep 17 00:00:00 2001 From: Tyler Hale Date: Fri, 15 Jul 2022 12:44:22 -0600 Subject: [PATCH] Added support for defining IIS site name --- New-SanCertificate.ps1 | 15 +++++++++++---- README.md | 6 ++++-- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/New-SanCertificate.ps1 b/New-SanCertificate.ps1 index 53ebddd..9f933ef 100644 --- a/New-SanCertificate.ps1 +++ b/New-SanCertificate.ps1 @@ -5,7 +5,7 @@ Generates a self-signed certificate to be used by IIS for HTTPS communications .DESCRIPTION Generates a SAN self-signed certificate to be used by IIS for HTTPS communications. -The certificate will be automatically trusted by the local machine and assigned to the HTTPS binding of IIS for the default site. +The certificate will be automatically trusted by the local machine and assigned to the HTTPS binding of the defined IIS site. The certificate by default will include the following items in the SAN for the cert: Hostname @@ -19,6 +19,9 @@ IP Addresses to include in the Certificate. If not provided, the script will gat .PARAMETER AdditionalDnsNames Specifies additional DNS names that should be added to the certificate +.PARAMETER SiteName +Site name of the IIS site that should have the HTTPS binding configured. Defaults to Default Web Site + .PARAMETER Validity Defines the validity of the certificate in years. Defaults to 15 years @@ -41,6 +44,10 @@ param ( $AdditionalDnsNames, [Parameter(Mandatory=$false)] [ValidateNotNullOrEmpty()] + [string] + $SiteName = "Default Web Site", + [Parameter(Mandatory=$false)] + [ValidateNotNullOrEmpty()] [int] $Validity = 15 ) 
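Review bot: The `.PARAMETER SiteName` help added in the `@@ -19,6 +19,9 @@` hunk does not say that the site must already exist, or that the binding is created as `*:443` with no host name (see the `New-WebBinding` call in the later hunk). This matters on a server hosting several sites: as far as I know, a certificate assigned to a `*:443` binding without SNI is registered per IP:port, so any other site sharing that endpoint would present it too. I would extend the help text to something like `Name of an existing IIS site whose *:443 HTTPS binding receives the certificate; other sites bound to *:443 will present the same certificate. Defaults to Default Web Site`.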
@@ -112,13 +119,13 @@ Import-Certificate -CertStoreLocation cert:\LocalMachine\Root -FilePath $Exporte if (Get-Command -Name "Get-WebBinding" -ErrorAction SilentlyContinue) { # Setup https binding if it is not configured - if ($null -eq (Get-WebBinding -Name "Default Web Site" -Protocol "https")) { + if ($null -eq (Get-WebBinding -Name $SiteName -Protocol "https")) { Write-Verbose "Creating IIS Binding on Default Web Site" - New-WebBinding -Name "Default Web Site" -IPAddress "*" -Port 443 -Protocol "https" + New-WebBinding -Name $SiteName -IPAddress "*" -Port 443 -Protocol "https" } # Assign to IIS Binding - (Get-WebBinding -Name "Default Web Site" -Port 443 -Protocol "https").AddSslCertificate($GeneratedCert.Thumbprint, "my") + (Get-WebBinding -Name $SiteName -Port 443 -Protocol "https").AddSslCertificate($GeneratedCert.Thumbprint, "my") } else { Write-Warning "IIS not installed so the binding was not configured`n" diff --git a/README.md b/README.md index 023d846..9061599 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,12 @@ # New-SanCertificate -Generates a self-signed certificate to be used by IIS for HTTPS communications +Generates a SAN self-signed certificate to be used by IIS for HTTPS communications. +The certificate will be automatically trusted by the local machine and assigned to the HTTPS binding of the defined IIS site. ## Requirements - Must be running as an admin -- IIS must be installed for it to set the binding on the Default site +- IIS must be installed for it to set the binding on the site ## Variables 
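Review bot: Nothing in this block checks that `$SiteName` names an existing site, and the hunk header suggests the certificate has already been imported into `cert:\LocalMachine\Root` by the time it runs. With a mistyped name, `New-WebBinding` should fail and `.AddSslCertificate(...)` is then called on `$null`, leaving the machine trusting a self-signed root that no binding uses. I would verify the site before the certificate is created and trusted, whenever the IIS cmdlets are available, e.g. `if (-not (Get-Website | Where-Object { $_.Name -eq $SiteName })) { throw "IIS site '$SiteName' not found" }`. The unchanged message `Write-Verbose "Creating IIS Binding on Default Web Site"` is now stale and should become `Write-Verbose "Creating IIS Binding on $SiteName"`. The `else` block continues past the end of the hunk.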
@@ -13,6 +14,7 @@ Generates a self-signed certificate to be used by IIS for HTTPS communications | ------------------ | -------- | ---------------------------- | ------- | ---------------------------------------------------------------------- | | IpAddress | No | IPv4 addresses of the system | | IP Addresses to include in the Certificate | | AdditionalDnsNames | No | | | Specifies additional DNS names that should be added to the certificate | +| SiteName | No | Default Web Site | | Defines the website that will have the IIS binding configured | | Validity | No | 15 | | Defines the validity of the certificate in years | ## Example