0

We just recently purchased a dedicated server with public ip addresses. I have a certified ssl certificate for a domain, I'll use example.com for the example. This domain has a dedicated ip. When I try to I try to publish a website using:

https://example.com:8172/msdeploy.axd

I am getting this message:

enter image description here

I setup the Management Service as such:

enter image description here

I cannot change the SSL certificate here to match the domain mydomain.com, it only gives me that one option WMSVC-SHA2. The ip on the domain matches the ip on Management Services. I can also go to the website and it shows the certificate is working.

How do I get Management Services to use the mydomain.com or even the certified certificate that we purchased so that it uses the right certificate?

SomeoneSpecial
  • 265
  • 1
  • 3
  • 6

1 Answers1

0

You can use PowerShell to configure IIS web management service to use custom certificate. You can refer to my blog post on this subject: Configure IIS Web Administration to use centralized SSL certificate.

Here is a PowerShell function:

function Configure-WebAdministrationCertificate {
[CmdletBinding()]
    param(
        [Parameter(Mandatory = $true)]
        [Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )
    if (!(Test-Path "HKLM:\SOFTWARE\Microsoft\WebManagement\Server")) {
        [void](New-Item -Path "HKLM:\SOFTWARE\Microsoft\WebManagement\" -Name "Server" -Force -ErrorAction Stop)
    }
    $Tokens = $Certificate.Thumbprint -split "([a-fA-F0-9]{2})" | ? {$_}
    [Byte[]]$Bytes = $Tokens | %{[Convert]::ToByte($_,16)}
    Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\WebManagement\Server -Name SslCertificateHash -Value $Bytes
    Import-Module WebAdministration
    del IIS:\SslBindings\0.0.0.0!8172
    $Certificate | New-Item -Path IIS:\SslBindings\0.0.0.0!8172 -Force
    Restart-Service -Name wmsvc
}

and use it:

$cert = gi cert:\LocalMachine\My\$Thumbprint
Configure-WebAdministrationCertificate $cert

where $Thumbprint variable stores a thumbprint value of the certificate.

Crypt32
  • 6,414
  • 1
  • 13
  • 32
  • so this uses the certificate that was installed through IIS? I just put the name of the certificate in place of `$Thumbprint`. Just wanted clarity before I do anything. – SomeoneSpecial Sep 06 '22 at 19:14
  • @SomeoneSpecial why you put certificate name when you are asked to put certificate thumbprint? – Crypt32 Sep 07 '22 at 07:37