harshbaid/Renew.Sitecore.and.XConnect.Certs.ps1

## Renew.Sitecore.and.XConnect.Certs.ps1
<#
Steps to update expired Sitecore SSL cert, XConnect site SSL cert, XConnect client cert

- Remove existing expired certs and client certs including root certs
- Download SIF scripts from https://github.com/Sitecore/Sitecore.HabitatHome.Utilities/
- Use Add-SSLSiteBindingWithCertificate.ps1 to generate SSL cert for Sitecore and XConnect IIS site
- Comment everything else in install-xp0.ps1 except the part that generates client cert for xconnect
- Use install-xp0.ps1 to generate Client cert for XConnect cert authentication
- Ensure root cert, cert and client cert are installed correctly using certlm.msc
- Update IIS Site bindings to use new certs
- Update connectionstrings and appsettings config files in Sitecore and XConnect to use new cert's thumbprint
- From certlm.msc, Assign permission on client cert > right click and manage keys > to IIS AppPool of sitecore and xconnect sites
#>

# PS query to check local certs
Get-ChildItem Cert:\LocalMachine\My

# PS query to check root certs
Get-ChildItem Cert:\LocalMachine\Root

# PS query that shows another way of querying expired certs from local or root
Get-ChildItem -Path cert: -Recurse | where { $_.Thumbprint -like "5315EF83D8E7F3DC94CAF1CF15B3AC98A4FCC007" } | Select $_

# PS query to remove identified certs from local or root
Get-ChildItem Cert:\LocalMachine\My\#c e r t    t h u m p r i n t# | Remove-Item
Get-ChildItem Cert:\LocalMachine\Root\#c e r t    t h u m p r i n t# | Remove-Item

# PS query that shows another way of removing identified certs from local or root
Get-ChildItem -Path cert: -Recurse | where { $_.Thumbprint -like "5315EF83D8E7F3DC94CAF1CF15B3AC98A4FCC007" } | Remove-Item

# PS script to generate ssl cert for Sitecore
.\Add-SSLSiteBindingWithCertificate.ps1 -SiteName sitename.local -Port 443 -HostName sitename.local -CertificateName sitename.local

# PS script to generate ssl cert for Sitecore XConnect
.\Add-SSLSiteBindingWithCertificate.ps1 -SiteName sitename_xconnect.local -HostName sitename_xconnect.local -CertificateName sitename_xconnect.local

# PS script to be executed only after commenting out everything else except the part that generates client cert for xconnect
.\install-xp0.ps1
	<#
	Steps to update expired Sitecore SSL cert, XConnect site SSL cert, XConnect client cert

	- Remove existing expired certs and client certs including root certs
	- Download SIF scripts from https://github.com/Sitecore/Sitecore.HabitatHome.Utilities/
	- Use Add-SSLSiteBindingWithCertificate.ps1 to generate SSL cert for Sitecore and XConnect IIS site
	- Comment everything else in install-xp0.ps1 except the part that generates client cert for xconnect
	- Use install-xp0.ps1 to generate Client cert for XConnect cert authentication
	- Ensure root cert, cert and client cert are installed correctly using certlm.msc
	- Update IIS Site bindings to use new certs
	- Update connectionstrings and appsettings config files in Sitecore and XConnect to use new cert's thumbprint
	- From certlm.msc, Assign permission on client cert > right click and manage keys > to IIS AppPool of sitecore and xconnect sites
	#>

	# PS query to check local certs
	Get-ChildItem Cert:\LocalMachine\My

	# PS query to check root certs
	Get-ChildItem Cert:\LocalMachine\Root

	# PS query that shows another way of querying expired certs from local or root
	Get-ChildItem -Path cert: -Recurse \| where { $_.Thumbprint -like "5315EF83D8E7F3DC94CAF1CF15B3AC98A4FCC007" } \| Select $_

	# PS query to remove identified certs from local or root
	Get-ChildItem Cert:\LocalMachine\My\#c e r t t h u m p r i n t# \| Remove-Item
	Get-ChildItem Cert:\LocalMachine\Root\#c e r t t h u m p r i n t# \| Remove-Item

	# PS query that shows another way of removing identified certs from local or root
	Get-ChildItem -Path cert: -Recurse \| where { $_.Thumbprint -like "5315EF83D8E7F3DC94CAF1CF15B3AC98A4FCC007" } \| Remove-Item

	# PS script to generate ssl cert for Sitecore
	.\Add-SSLSiteBindingWithCertificate.ps1 -SiteName sitename.local -Port 443 -HostName sitename.local -CertificateName sitename.local

	# PS script to generate ssl cert for Sitecore XConnect
	.\Add-SSLSiteBindingWithCertificate.ps1 -SiteName sitename_xconnect.local -HostName sitename_xconnect.local -CertificateName sitename_xconnect.local

	# PS script to be executed only after commenting out everything else except the part that generates client cert for xconnect
	.\install-xp0.ps1