Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to use powershell to install and configure IIS, SSL certificate, urlrewrite, git and clone repository

I'm currently setting up auto scaling IIS webservers and need to automatically install and configure the following through a powershell script:

  • IIS
  • URLRewrite
  • Import SSL certificate
  • Configure a new website
  • Add new SSL bindings
  • Download my source code from a GIT repository

Regards

Liam

like image 498
Liam Wheldon Avatar asked Aug 13 '14 13:08

Liam Wheldon


People also ask

How do I request and install SSL certificate in IIS?

In the prompt, type inetmgr and click OK to launch the Internet Information Services (IIS) Manager. Under the Connections panel on the left, click on your Server Name. In the main panel under the IIS section, double click on Server Certificates. Under the Actions panel on the right, click Complete Certificate Request.

How do I bind a certificate in IIS using PowerShell?

To enable SSL three steps are involved: Acquiring and installing a certificate. Creating an SSL binding in IIS. Assigning the certificate to the IP:Port of the IIS binding.


1 Answers

I just thought I'd share a powershell script that I put together with you all as I came across a situation with AWS ELB where I needed to install IIS, URL rewrite, git and clone the repository.

echo "Installing web-webserver"
powershell.exe add-windowsfeature web-webserver -includeallsubfeature -logpath $env:temp\webserver_addrole.log 
echo "Installing web-mgmt-tools"
powershell.exe add-windowsfeature web-mgmt-tools -includeallsubfeature -logpath $env:temp\mgmttools_addrole.log

echo "Creating C:\inetpub\wwwroot\example.com\"
$TestApplicationroot = Test-Path C:\inetpub\wwwroot\example.com
if (! $TestApplicationroot) {
    mkdir C:\inetpub\wwwroot\example.com
}

echo "GIT: Installing Chocolatey"
(new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1') | iex
echo "GIT: Installing Git"
cinst git
echo "GIT: Setting enviroment path"
$env:path += ";" + (Get-Item "Env:ProgramFiles(x86)").Value + "\Git\bin"
echo "GIT: Installing poshgit"
cinst poshgit
echo "GIT: Installing UrlRewrite"
cinst UrlRewrite
echo "GIT: Installing git-credential-winstore"
cinst git-credential-winstore

.\CredMan.ps1 -AddCred -Target 'git:https://gitrespos.org' -User 'TestApplication' -Pass 'TestApplicationPassword'

echo "GIT: Cloning TestApplication1 code"
cd C:\inetpub\wwwroot\example.com\
git clone "https://gitrespos.org/Username/TestApplication1.git"

import-module webadministration

echo "Creating new website"
new-website -name "example.com" -port 80 -physicalpath c:\inetpub\wwwroot\example.com -ApplicationPool ".NET v4.5" -force 

Echo "Importing SSL certificate"
$mypwd = ConvertTo-SecureString -String "SSLCertificate password" -Force –AsPlainText
Import-PfxCertificate –FilePath .\certificate.pfx cert:\localMachine\my -Password $mypwd
New-WebBinding -Name "example.com" -IP "*" -Port 443 -Protocol https

echo "Assigning SSL certificate"
cd IIS:\SslBindings
$cert = Get-Item cert:\LocalMachine\My\THUMB-OF-SSL-CERTIFICATE
$cert |New-Item 0.0.0.0!443

echo "Adding application pools TestApplication1"
New-Item 'IIS:\Sites\example.com\TestApplication1' -physicalPath "C:\inetpub\wwwroot\example.com\TestApplication1" -type Application

echo "Removing Default Web Site"
remove-website -name "Default Web Site"
Start-Sleep -s 10
echo "Starting example.com website"
start-website -name "example.com"

You can download CredMan.ps1 from the following link http://gallery.technet.microsoft.com/scriptcenter/PowerShell-Credentials-d44c3cde

You'll need to first find the Thumb of your certificate on a server by running the following in powershell and note down the Thumbprint as it'll be the same on every server you import the certificate to.:

get-ChildItem cert:\LocalMachine\My

I hope that this is of help to some of you as it's taken me days to come up with having hit different issues along the way.

like image 188
Liam Wheldon Avatar answered Sep 21 '22 15:09

Liam Wheldon