Last active
May 22, 2024 09:08
-
-
Save camieleggermont/5b2971a96e80a658863106b21c479988 to your computer and use it in GitHub Desktop.
This powershell script generates a new certificate, removes the old certificate assignments from the IISExpress ssl ports and adds the newly generated one. The certificate is also copied over to the Trusted Root Certificate Authorities.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$cert = New-SelfSignedCertificate -DnsName "localhost", "localhost" -CertStoreLocation "cert:\LocalMachine\My" -NotAfter (Get-Date).AddYears(5) | |
$thumb = $cert.GetCertHashString() | |
For ($i=44300; $i -le 44399; $i++) { | |
netsh http delete sslcert ipport=0.0.0.0:$i | |
} | |
For ($i=44300; $i -le 44399; $i++) { | |
netsh http add sslcert ipport=0.0.0.0:$i certhash=$thumb appid=`{214124cd-d05b-4309-9af9-9caa44b2b74a`} | |
} | |
$StoreScope = 'LocalMachine' | |
$StoreName = 'root' | |
$Store = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Store -ArgumentList $StoreName, $StoreScope | |
$Store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite) | |
$Store.Add($cert) | |
$Store.Close() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
🙏 Thank you!
Had a legacy project to deal with and tripped over this, problem, your script worked like a charm. Found the gist via https://steffbeckers.eu/blog/iis-express-localhost-ssl-certificate-reset which also has a useful minimum test project at https://github.com/steffbeckers/iis-express-ssl-reset-test