update_https_bindings.ps1

Import-Module WebAdministration

# Get the latest certificate in store that applies to my site
$cert = (Get-ChildItem Cert:\LocalMachine\My |
    Where-Object {$_.Subject.Contains('*.example.com')} |
    Sort-Object -Descending {[System.DateTime]::Parse($_.GetExpirationDateString())} |
    Select-Object -First 1)

Set-Location IIS:\Sites

# Get all sites

Get-WebConfiguration -Filter "/system.applicationHost/sites/site[contains(@name, '.example.com')]/bindings/binding[@protocol='https']" | 
    Where-Object {$_.certificateHash -ne $cert.Thumbprint} | 
    % { 
        Write-Host $_
        $_.RemoveSslCertificate()
        $_.AddSslCertificate($cert.Thumbprint, 'My') 
    }

Thanks so much for this.
Been searching the internet for a way to do this and I saw a lot of examples. Yours easily wins out. Firstly, it works! Secondly, it is the most economical code I have seen. Thirdly it's lightning fast.

Thanks so much :)

i have adapted the script a little bit for me:

$OLDCertificateThumbprint = "123456789abcdefgh1a2b3c4d5e6f7g8h9a1a1a1"
$NEWCertificateThumbprint = "7a3b5a1g1a6a2j2a262a3343a333a5a64a4a4a4a"

#Show bindings where the old certificate is in use
Get-WebBinding | Where-Object { $_.certificateHash -eq $OLDCertificateThumbprint} | Format-Table

#Select bindings where the old certificate is in use and attach the new certificate
Get-WebBinding | Where-Object { $_.certificateHash -eq $OLDCertificateThumbprint} | ForEach-Object {
        Write-Host "Working on"  $_ 
        $_.RemoveSslCertificate()
        $_.AddSslCertificate($NEWCertificateThumbprint, 'My')
        }

#Show bindings where the new certificate is in use
Get-WebBinding | Where-Object { $_.certificateHash -eq $NEWCertificateThumbprint}

Oh my gosh!! This has saved me hours and headache. I have been searching online and using the commands from several different sites, everyone failed at some point. This one works! Thank you...Thank you!!!