Powershell script to enable ssl on a website using Self Signed Certificate.

iis_ssl_certificate

$hostName="www.techknowhow.net"
$iisSite="techknowhow"

New-SelfSignedCertificate -DnsName $hostName -CertStoreLocation "cert:\LocalMachine\My"

$SourceStoreScope = 'LocalMachine'
$SourceStorename = 'My'
 
$SourceStore = New-Object  -TypeName System.Security.Cryptography.X509Certificates.X509Store  -ArgumentList $SourceStorename, $SourceStoreScope
$SourceStore.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadOnly)
 
$cert = $SourceStore.Certificates | Where-Object  -FilterScript {
    $_.subject -like "*$hostName*"
}
$cert

$DestStoreScope = 'LocalMachine'
$DestStoreName = 'root'
 
$DestStore = New-Object  -TypeName System.Security.Cryptography.X509Certificates.X509Store  -ArgumentList $DestStoreName, $DestStoreScope
$DestStore.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
$DestStore.Add($cert)

$certThumbprint = ($DestStore.Certificates | Where-Object  -FilterScript {
    $_.subject -like "*$hostName*"
} | Select-Object -First 1).Thumbprint
 
$SourceStore.Close()
$DestStore.Close()
	
"Cert Hash: " + $certThumbprint

# http.sys mapping of ip/hostheader to cert
$guid = [guid]::NewGuid().ToString("B")
netsh http add sslcert hostnameport="${hostName}:443" certhash=$certThumbprint certstorename=root appid="$guid"

# iis site mapping ip/hostheader/port to cert - also maps certificate if it exists
# for the particular ip/port/hostheader combo
New-WebBinding -name $iisSite -Protocol https  -HostHeader $hostName -Port 443 -SslFlags 1