Home
%3CLINGO-SUB%20id%3D%22lingo-sub-287857%22%20slang%3D%22en-US%22%3EBinding%20a%20Certificate%20in%20IIS%20using%20C%23%20and%20Powershell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-287857%22%20slang%3D%22en-US%22%3E%0A%20%26lt%3Bmeta%20http-equiv%3D%22Content-Type%22%20content%3D%22text%2Fhtml%3B%20charset%3DUTF-8%22%20%2F%26gt%3B%3CSTRONG%3EFirst%20published%20on%20MSDN%20on%20Mar%2023%2C%202018%20%3C%2FSTRONG%3E%20%3CBR%20%2F%3E%20Other%20day%20I%20was%20assisting%20a%20customer%20who%20had%20a%20unique%20need%20of%20binding%20a%20Certificate%20from%20within%20C%23%20code%20using%20Powershell.%20A%20direct%20API%20call%20won't%20work%20due%20to%20some%20constraints%2C%20so%20Powershell%20was%20the%20other%20viable%20option.%20Customer%20also%20didn't%20want%20any%20Powershell%20window%20to%20pop-up%2C%20so%20we%20needed%20to%20code%20around%20it.%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20Here%20is%20the%20code%20sample%3A%20%3CBR%20%2F%3E%20using%20System%3B%20%3CBR%20%2F%3E%20using%20System.Collections.Generic%3B%20%3CBR%20%2F%3E%20using%20System.Linq%3B%20%3CBR%20%2F%3E%20using%20System.Text%3B%20%3CBR%20%2F%3E%20using%20System.Threading.Tasks%3B%20%3CBR%20%2F%3E%20using%20System.Management.Automation%3B%20%3CBR%20%2F%3E%20using%20System.Collections.ObjectModel%3B%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20namespace%20ExecutePowershell%20%3CBR%20%2F%3E%20%7B%20%3CBR%20%2F%3E%20class%20Program%20%3CBR%20%2F%3E%20%7B%20%3CBR%20%2F%3E%20static%20void%20Main(string%5B%5D%20args)%20%3CBR%20%2F%3E%20%7B%20%3CBR%20%2F%3E%20ExecutePowershellClass%20pwrshell%20%3D%20new%20ExecutePowershellClass()%3B%20%3CBR%20%2F%3E%20pwrshell.ExecuteCommand()%3B%20%3CBR%20%2F%3E%20Console.ReadLine()%3B%20%3CBR%20%2F%3E%20%7D%20%3CBR%20%2F%3E%20%7D%20%3CBR%20%2F%3E%20class%20ExecutePowershellClass%20%3CBR%20%2F%3E%20%7B%20%3CBR%20%2F%3E%20public%20void%20ExecuteCommand()%20%3CBR%20%2F%3E%20%7B%20%3CBR%20%2F%3E%20using%20(PowerShell%20myPowerShellInstance%20%3D%20PowerShell.Create())%20%3CBR%20%2F%3E%20%7B%20%3CBR%20%2F%3E%20%2F%2Fpowershell%20script%20to%20get%20version%20number%20and%20list%20of%20processes%20currently%20executing%20in%20the%20machine.%20%3CBR%20%2F%3E%20string%20sScript%3D%20%22%24PSVersionTable.PSVersion%3Bget-process%22%3B%20%2F%2F%20%3CSTRONG%3E%20REPLACE%20THIS%20sScript%20WITH%20THE%20POWERSHELL%20%3C%2FSTRONG%3E%20%3CBR%20%2F%3E%20%3CSTRONG%3E%20%2F%2FCOMMAND%20BELOW.%20BASICALLY%20BUILD%20YOUR%20OWN%20STRING%20BASED%20ON%20YOUR%20NEED%20%3C%2FSTRONG%3E%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20%2F%2F%20use%20%22AddScript%22%20to%20add%20the%20contents%20of%20a%20script%20file%20to%20the%20end%20of%20the%20execution%20pipeline.%20%3CBR%20%2F%3E%20myPowerShellInstance.AddScript(sScript)%3B%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20%2F%2F%20invoke%20execution%20on%20the%20pipeline%20(collecting%20output)%20%3CBR%20%2F%3E%20Collection%3CPSOBJECT%3E%20PSOutput%20%3D%20myPowerShellInstance.Invoke()%3B%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20%2F%2F%20loop%20through%20each%20output%20object%20item%20%3CBR%20%2F%3E%20foreach%20(PSObject%20outputItem%20in%20PSOutput)%20%3CBR%20%2F%3E%20%7B%20%3CBR%20%2F%3E%20if%20(outputItem%20!%3D%20null)%20%3CBR%20%2F%3E%20%7B%20%3CBR%20%2F%3E%20Console.WriteLine(outputItem.ToString())%3B%20%3CBR%20%2F%3E%20%7D%20%3CBR%20%2F%3E%20%7D%20%3CBR%20%2F%3E%20%7D%20%3CBR%20%2F%3E%20%7D%20%3CBR%20%2F%3E%20%7D%20%3CBR%20%2F%3E%20%7D%20%3CBR%20%2F%3E%20Powershell%20COMMAND%20to%20bind%20a%20certificate%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20%23%20Import%20IIS%20web%20administration%20Module%20%3CBR%20%2F%3E%20Import-Module%20WebAdministration%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20New-SelfSignedCertificate%20-DnsName%20website.test.com%20-CertStoreLocation%20cert%3A%5CLocalMachine%5CMy%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20%24certificate%20%3D%20Get-ChildItem%20Cert%3A%5CLocalMachine%5CMy%20%7C%20Where-Object%20%7B%24_.subject%20-like%20%22*website.test.com*%22%7D%20%7C%20Select-Object%20-ExpandProperty%20Thumbprint%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20Write-Host%20%24certificate%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20Get-WebBinding%20-Port%20443%20-Name%20website.test.com%20%7C%20Remove-WebBinding%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20Remove-Item%20-Path%20%22IIS%3A%5CSslBindings%5C*!443!website.test.com%22%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20New-WebBinding%20-Name%20%22Default%20Web%20Site%22%20-IPAddress%20%22*%22%20-HostHeader%20%22website.test.com%22%20-Port%20443%20-Protocol%20https%20-SslFlags%200%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20get-item%20-Path%20%22cert%3A%5Clocalmachine%5Cmy%5C%24certificate%22%20%7C%20new-item%20-path%20IIS%3A%5CSslBindings%5C0.0.0.0!443!website.test.com%20-Value%20%24certificate%20-Force%20%3CBR%20%2F%3E%20%3CSTRONG%3E%20Note%20%3C%2FSTRONG%3E%20%3A%20You%20need%20to%20modify%20the%20hostname%20and%20binding%20accordingly.%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%3C%2FPSOBJECT%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-287857%22%20slang%3D%22en-US%22%3EFirst%20published%20on%20MSDN%20on%20Mar%2023%2C%202018%20Other%20day%20I%20was%20assisting%20a%20customer%20who%20had%20a%20unique%20need%20of%20binding%20a%20Certificate%20from%20within%20C%23%20code%20using%20Powershell.%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-287857%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Ebinding%20certificate%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Eiis%20binding%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Essl%20certificate%20binding%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Essl%20iis%20certificate%20powershell%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3C%2FLINGO-BODY%3E
Microsoft
First published on MSDN on Mar 23, 2018
Other day I was assisting a customer who had a unique need of binding a Certificate from within C# code using Powershell. A direct API call won't work due to some constraints, so Powershell was the other viable option. Customer also didn't want any Powershell window to pop-up, so we needed to code around it.

Here is the code sample:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Management.Automation;
using System.Collections.ObjectModel;

namespace ExecutePowershell
{
class Program
{
static void Main(string[] args)
{
ExecutePowershellClass pwrshell = new ExecutePowershellClass();
pwrshell.ExecuteCommand();
Console.ReadLine();
}
}
class ExecutePowershellClass
{
public void ExecuteCommand()
{
using (PowerShell myPowerShellInstance = PowerShell.Create())
{
//powershell script to get version number and list of processes currently executing in the machine.
string sScript= "$PSVersionTable.PSVersion;get-process"; // REPLACE THIS sScript WITH THE POWERSHELL
//COMMAND BELOW. BASICALLY BUILD YOUR OWN STRING BASED ON YOUR NEED

// use "AddScript" to add the contents of a script file to the end of the execution pipeline.
myPowerShellInstance.AddScript(sScript);

// invoke execution on the pipeline (collecting output)
Collection<PSObject> PSOutput = myPowerShellInstance.Invoke();

// loop through each output object item
foreach (PSObject outputItem in PSOutput)
{
if (outputItem != null)
{
Console.WriteLine(outputItem.ToString());
}
}
}
}
}
}
Powershell COMMAND to bind a certificate

# Import IIS web administration Module
Import-Module WebAdministration

New-SelfSignedCertificate -DnsName website.test.com -CertStoreLocation cert:\LocalMachine\My

$certificate = Get-ChildItem Cert:\LocalMachine\My | Where-Object {$_.subject -like "*website.test.com*"} | Select-Object -ExpandProperty Thumbprint

Write-Host $certificate

Get-WebBinding -Port 443 -Name website.test.com | Remove-WebBinding

Remove-Item -Path "IIS:\SslBindings\*!443!website.test.com"

New-WebBinding -Name "Default Web Site" -IPAddress "*" -HostHeader "website.test.com" -Port 443 -Protocol https -SslFlags 0

get-item -Path "cert:\localmachine\my\$certificate" | new-item -path IIS:\SslBindings\0.0.0.0!443!website.test.com -Value $certificate -Force
Note : You need to modify the hostname and binding accordingly.