POSTS

Setting up a Lets Encrypt Certificate on Windows Server 2016 Core

- 1 minutes read - 182 words

I wanted to use Lets Encrypt to create certificates for my home server. Once created I’ve exported a .pfx file so that I can reuse the certificate in third party services.

Install IIS and Web Application Development Windows Feature

PS C:\> Install-WindowsFeature -Name Web-Server
PS C:\> Install-WindowsFeature -Name Web-App-Dev -IncludeAllSubFeature 

Add Domain Binding to Default Web Site

PS C:\> New-WebBinding -Name "Default Web Site" -IPAddress "*" -Port 80 -HostHeader newsite.ljdp.co.uk

Setup Certify

  • Install Certify.
  • Create Certificate using Certify.UI.Exe.

Get Certificate Thumbprint

PS C:\> GET-PSPROVIDER
PS C:\> GET-PSDRIVE
PS C:\> SET-LOCATION CERT: ; DIR
PS Cert:\> SET-LOCATION LOCALMACHINE ; DIR
PS Cert:\LOCALMACHINE> SET-LOCATION MY ; DIR

Configure RDP to use Certificate

  • Replace {{THUMBPRINT}} with thumbprint from previous step.
PS C:\> $path = (Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").__path
PS C:\> Set-WmiInstance -Path $path -argument @{SSLCertificateSHA1Hash="{{THUMBPRINT}}"}

Export Certificate

PS C:\> $mypwd = ConvertTo-SecureString -String "Gfj422m;dfwfw" -Force -AsPlainText
PS C:\> Get-ChildItem -Path cert:\localMachine\my\88D4R80945EBDA2DFC64143350BF47B47B3AE728 | Export-PfxCertificate -FilePath C:\mypfx.pfx -Password $mypwd

References

Install IIS or any Role and Feature Working with Certificates in Powershell Configure custom SSL Certificate for RDP on Windows Server Export PFX Certificate

comments powered by Disqus