I need to create a new self-signed IIS SSL certificate from a PowerShell script as part of an automated install.
Here's what I've tried:
Import-Module WebAdministation
New-WebBinding -Name "Default Web Site" -IP "*" -Port 443 -Protocol https
New-SelfSignedCertificate -Subject Fluency -DnsName $computerName.$domainName -CertStoreLocation cert:\LocalMachine\My
Get-ChildItem cert:\LocalMachine\My | where { $_.Subject -match "CN\=$Computername\.$DomainName" } | select -First 1 | New-Item IIS:\SslBindings\0.0.0.0!443
Result
It says New-SelfSignedCertificate cannot be found for that line. If I create the certificate manually through the IIS manager, the rest of the code works fine.
Thanks for your help!
I got it to work this way
Import-Module WebAdministration
Set-Location IIS:\SslBindings
New-WebBinding -Name "Default Web Site" -IP "*" -Port 443 -Protocol https
$c = New-SelfSignedCertificate -DnsName "myexample.com" -CertStoreLocation cert:\LocalMachine\My
$c | New-Item 0.0.0.0!443
Related
I'm currently writing a powershell script that provisions a virtual machine, more testing at the moment. The code at present
New-AzureQuickVM -ImageName $VMImage.ImageName -Windows -Name $VMName -ServiceName $VMName -AdminUsername $adminLogin `
-Password $adminPasswd -AffinityGroup $affinityGrp -InstanceSize $instanceSize -VNetName $virtualNetwork -SubnetNames $virtualSubnet -WaitForBoot
I can't see a parameter on MSDN to set the IP address of the VM. I know you can do it like this:
New-AzureVMConfig -Name $vmname -ImageName $img –InstanceSize Small | Set-AzureSubnet –SubnetNames $sub | Set-AzureStaticVNetIP -IPAddress 192.168.4.7 | New-AzureVM –ServiceName $vmsvc1 –AffinityGroup "NorthEuropeAG";
But it seems neater to use the New-AzureQuickVM. Am I able to just pipe New-AzureQuickVM to Set-AzureStaticVNetIP similar to how New-AzureVMConfig works or is there a better way to do it?
The purpose of the New-AzureQuickVM is to create the VM with absolute minimum number of required fields. Like the Quick Create.
On the Other hand the New-AzureVMConfig give you all options that are necessary to have the StaticIP , as you have mentioned or something like the following.
New-AzureVMConfig -Name "testvm123" -InstanceSize "Small" -ImageName $ImageName |
Add-AzureProvisioningConfig -Windows -AdminUsername $username-Password $password |
Set-AzureSubnet -SubnetNames "Subnetname" |
Set-AzureStaticVNetIP -IPAddress "10.0.0.22" |
New-AzureVM -ServiceName "somevmservicename"
Only way to do it is by setting the IP after VM creation:
Get-AzureVM -ServiceName $VMName -Name $VMName | Set-AzureStaticVNetIP -IPAddress 192.168.4.7 | Update-AzureVM
Is there a way to set the UrlSegmentMaxLength value for Http.sys using appcmd/netsh or any other commandline utility?
I realize this is an old question, but in case someone stumbles upon this, here's PowerShell one-liner that either creates the key and sets the value or updates existing value.
if ((Get-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\HTTP\Parameters -Name UrlSegmentMaxLength -ErrorAction SilentlyContinue) -eq $null) { New-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\HTTP\Parameters -Name UrlSegmentMaxLength -Value 2048 -PropertyType DWord } else { Set-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\HTTP\Parameters -Name UrlSegmentMaxLength -Value 2048 }
`
As for restarting, I found that this works well (no need to restart the server):
Stop-Service http -Force
Start-Service http
Start-Service IISADMIN
Start-Service W3SVC
I change this for my deployment in powershell
Set-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\HTTP\Parameters -Name UrlSegmentMaxLength -Value 500
Restart-Service W3SVC -Force
I am writing a powershell script that deploys a website to IIS 7. I would like to do the following command to remove a custom header using the Web-Administration module in powershell rather than with appcmd. How do I do this command in powershell not using appcmd?
appcmd set config /section:httpProtocol /-customHeaders.[name='X-Powered-By']
To remove the header on iis level:
Remove-WebConfigurationProperty -PSPath MACHINE/WEBROOT/APPHOST
-Filter system.webServer/httpProtocol/customHeaders
-Name .
-AtElement #{name='X-Powered-By'}
And for a specific site:
Remove-WebConfigurationProperty -PSPath 'MACHINE/WEBROOT/APPHOST/Default Web Site'
-Filter system.webServer/httpProtocol/customHeaders
-Name .
-AtElement #{name='X-Powered-By'}
Adding a new custom field eg. xff-ip to have remote client ip from x-forwarded-for request header
Add-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -filter "system.applicationHost/sites/siteDefaults/logFile/customFields" -name "." -value #{logFieldName='xff-ip';sourceName='X-FORWARDED-FOR';sourceType='RequestHeader'}
Or for a specific site:
Add-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -filter "system.applicationHost/sites/site[#name='My Super Site']/logFile/customFields" -name "." -value #{logFieldName='xff-ip';sourceName='X-FORWARDED-FOR';sourceType='RequestHeader'}
Removing your added custom logging field eg.xff-ip
Remove-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -filter "system.applicationHost/sites/siteDefaults/logFile/customFields" -name "." -AtElement #{logFieldName='xff-ip'}
Or from your site only
Remove-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -filter "system.applicationHost/sites/site[#name='My Super Site']/logFile/customFields" -name "." -AtElement #{logFieldName='xff-ip'}
I am writing a Powershell script to add/remove/edit IP restrictions for websites using Powershell. So far I am able to add restrictions, however wondering the best way to edit an existing ip restriction.
Add
Add-WebConfiguration -Filter /system.webserver/security/ipsecurity -Value #{ipAddress=$ipAddress;subnetMask="255.255.255.255";allowed=$allowed} -Location $websiteName -PSPath "IIS:\"
Edit
I have tried various combinations of:
Set-WebConfiguration -Filter system.webServer/security/ipSecurity/add[#ipAddress='192.123.123.123'] -Name "ipAddress" -Value $ipAddress -Location $websiteName -PSPath "IIS:\"
Set-WebConfigurationProperty -Filter system.webServer/security/ipSecurity/add[#ipAddress='192.123.123.123'] -Value = #{ipAddress=$ipAddress;subnetMask="255.255.255.255";allowed=$allowed} -Location $websiteName -PSPath "IIS:\"
Is the best way essentially to clear all, and recreate each time?
I had the same problem and fixed it like this -
# Compose new entry
$value = #{allowed="true";ipAddress="192.168.0.1"}
# Add new entry to restrictions
Add-WebConfigurationProperty -Filter 'system.webServer/security/ipSecurity' -PSPath "IIS:\Sites\MySite\" -Location "MyService" -Name "." -Value $value -ErrorAction Stop
I hope someone can help, I am trying to enable enable "ASP.Net Impersonation" under the Authenticatuin section in IIS7, I have enabled other sections using the following command:
Set-WebConfigurationProperty `
-filter /system.WebServer/security/authentication/windowsAuthentication `
-name enabled `
-value true `
-location $SiteName
But I cannot find a similar command for setting up ASP.net Impersonation, I am guessing it has something to do with being ASP.net not IIS.
Any insight would be appreciated.
Try this:
Set-WebConfigurationProperty `
-Filter system.web/identity `
-Name impersonate `
-Value True `
-Location $SiteName
Use -PSPath instead of -Location.
Set-WebConfigurationProperty -filter /system.web/identity -name impersonate -value true -PSPath 'IIS:\Sites\Default Web Site\WebApp'