Hi All,
Is there any way when creating bindings in IIS to tick the option 'Require Server Name Indication' (screenshot below) - I cannot seem to find a way to do this in the UI of installware.
I thought I would try and work around this by instead using a PowerShell script (see below), but for reasons I cannot figure out, the script will not work - it creates the SSL certificate fine, but will not create the binding and assign the certificate. If I run this same script manually in PowerShell ISE, it works perfectly.
Would anyone have any ideas how to do this in Installaware UI, or why the PowerShell script will not execute properly?
#Variables for user to set
$PortNumber = "443"
$HostName = "testserver01.mydomain.com"
$HostName = $HostName.ToLower()
$OS = Get-WMIObject Win32_OperatingSystem | select-object Caption
# Import Module
Import-Module WebAdministration
# Remove Certificate if one already exists of the same name
Get-ChildItem Cert:\LocalMachine\My -DnsName $HostName | remove-item -force -erroraction silentlycontinue
Remove-Item -path "IIS:\SslBindings\*!$PortNumber!$Hostname" -force -erroraction silentlycontinue
Get-WebBinding -Port $PortNumber -Name "passwordstate" | Remove-WebBinding
# Create the SSL Certificate, using different commands depending on which version of Operating System is installed.
if ($OS -like '*8*' -or $OS -like '*2012*')
{
$cert = New-SelfSignedCertificate -DnsName $HostName -CertStoreLocation Cert:\LocalMachine\My
}
else
{
$StartDate = '01/01/' + (Get-Date).Year
$EndDate = '01/01/' + (Get-Date).AddYears(5).Year
$cert = New-SelfSignedCertificate -DnsName $HostName -CertStoreLocation Cert:\LocalMachine\My -FriendlyName $HostName -NotBefore $StartDate -NotAfter $EndDate
}
$rootStore = New-Object System.Security.Cryptography.X509Certificates.X509Store -ArgumentList Root, LocalMachine
$rootStore.Open("MaxAllowed")
$rootStore.Add($cert)
$rootStore.Close()
Start-Sleep -s 1
# Create a new web binding in IIS
New-WebBinding -Name 'passwordstate' -HostHeader $Hostname -IPAddress * -Port $PortNumber -Protocol https -SslFlags 1
# Assign the certificate to the binding
New-Item -Path "IIS:\SslBindings\*!$PortNumber!$Hostname" -Value $cert -SSLFlags 1
Regards
Mark
IIS and Server Name Indication (SNI)
-
- Site Admin
- Posts: 5361
- Joined: Sun Aug 22, 2010 4:28 am
Re: IIS and Server Name Indication (SNI)
How did run your ps script from IA script? Did you use "Run Program" command?
Francesco Toscano
InstallAware Software
White Papers (HowTos) - http://www.installaware.com/publication ... papers.htm
Publications - http://www.installaware.com/publications-review.htm
InstallAware Help -F1 anywhere in the InstallAware IDE
InstallAware Software
White Papers (HowTos) - http://www.installaware.com/publication ... papers.htm
Publications - http://www.installaware.com/publications-review.htm
InstallAware Help -F1 anywhere in the InstallAware IDE
Re: IIS and Server Name Indication (SNI)
Hello Fransesco,
Yes, I used the Run Program syntax below. I know the script is running, as it's creating the self signed certificate. It's just not executing the other New-WebBinding and New-Item commands.
Thanks very much for your help so far.
Regards
Mark
Yes, I used the Run Program syntax below. I know the script is running, as it's creating the self signed certificate. It's just not executing the other New-WebBinding and New-Item commands.
Thanks very much for your help so far.
Regards
Mark
-
- Site Admin
- Posts: 5361
- Joined: Sun Aug 22, 2010 4:28 am
Re: IIS and Server Name Indication (SNI)
mmm ...very strange indeed.
Can you do a try with omitting the "Hide Program Window" flag?
This should leave visible the Powershell Console Window while executing the "Run Program" command.
Probably, the console window will also report some more details about the nature of the problem.
Can you do a try with omitting the "Hide Program Window" flag?
This should leave visible the Powershell Console Window while executing the "Run Program" command.
Probably, the console window will also report some more details about the nature of the problem.
Francesco Toscano
InstallAware Software
White Papers (HowTos) - http://www.installaware.com/publication ... papers.htm
Publications - http://www.installaware.com/publications-review.htm
InstallAware Help -F1 anywhere in the InstallAware IDE
InstallAware Software
White Papers (HowTos) - http://www.installaware.com/publication ... papers.htm
Publications - http://www.installaware.com/publications-review.htm
InstallAware Help -F1 anywhere in the InstallAware IDE
Re: IIS and Server Name Indication (SNI)
Hi Francesco,
Thanks for the suggestion, and it helped me figure out what the issue was.
I was getting errors like "New-Item : Cannot retrieve the dynamic parameters for the cmdlet", which ended up being related to the version of PowerShell being executed - as Installaware is a 32-bit app, it was executing the 32-bit version of PowerShell.
So I had to change my Run Command to the following, so it would execute the 64-bit version.
$WINDIR$\\Sysnative\\WindowsPowerShell\\v1.0\\powershell.exe
Thanks again for your help.
Regards
Mark
Thanks for the suggestion, and it helped me figure out what the issue was.
I was getting errors like "New-Item : Cannot retrieve the dynamic parameters for the cmdlet", which ended up being related to the version of PowerShell being executed - as Installaware is a 32-bit app, it was executing the 32-bit version of PowerShell.
So I had to change my Run Command to the following, so it would execute the 64-bit version.
$WINDIR$\\Sysnative\\WindowsPowerShell\\v1.0\\powershell.exe
Thanks again for your help.
Regards
Mark
-
- Site Admin
- Posts: 5361
- Joined: Sun Aug 22, 2010 4:28 am
Re: IIS and Server Name Indication (SNI)
Happy you solved!
Francesco Toscano
InstallAware Software
White Papers (HowTos) - http://www.installaware.com/publication ... papers.htm
Publications - http://www.installaware.com/publications-review.htm
InstallAware Help -F1 anywhere in the InstallAware IDE
InstallAware Software
White Papers (HowTos) - http://www.installaware.com/publication ... papers.htm
Publications - http://www.installaware.com/publications-review.htm
InstallAware Help -F1 anywhere in the InstallAware IDE
Who is online
Users browsing this forum: No registered users and 24 guests