Enabling SSL (Self Signed) in a webserver using Power Shell scripts for Local Dev Environment

This stuff is a piece of cake for most of us though, would like to share this as requested by my friend 🙂!

1. Using this Web Administration module, we can perform web hosting operations & detailed information available in this link (https://docs.microsoft.com/en-us/powershell/module/webadministration/?view=windowsserver2022-ps#webadministration)

Import-Module WebAdministration

2. once the module is installed, we can use the below script to create the self-signed certificate, and let’s keep the temp variable ‘binding’ for cert name

$binding = "*.build.mysite"

$cert = New-SelfSignedCertificate -DnsName "$binding" -CertStoreLocation "cert:\LocalMachine\My"

3. Retrieve the destination store & keep the object in ‘destStore’

$DestStore = new-object System.Security.Cryptography.X509Certificates.X509Store([System.Security.Cryptography.X509Certificates.StoreName]::Root,"localmachine")

4. Lets open the connection for an updates

$DestStore.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)

5. Let’s add the cert in the selected Store & close the connection

$DestStore.Add($cert)

$DestStore.Close()

6. Review the created cert

$cert = Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object {$_.Subject -eq "CN=$binding"}

$cert[0].Thumbprint

7. Interesting part now let’s do some devOps stuff adding the binding to the website using

$siteName = "build.dev.local"

New-WebBinding -Name $siteName -Protocol "https" -Port 443 -IPAddress * -HostHeader $binding -SslFlags 1

(Get-WebBinding -Name $siteName -Port 443 -Protocol "https" -HostHeader $binding).AddSslCertificate($cert.Thumbprint, "my")