I had a requirement to install and configure IIS, AppPools, and certs with PowerShell. It turns out all of it can be scripted in PowerShell! In our particular business case, we configured our sites with self-signed certs that last for 5 years and are recreated if they already exist.

Solution:

# Load the IIS cmdlets and the IIS:\ provider drive used throughout this script.
Import-Module WebAdministration

# Stop IIS while pools, bindings and sites are rebuilt; it is started again on the last line.
iisreset /stop

# Account the application pool will run as.
# NOTE(review): these are placeholder literals. A real password written here is readable by
# anyone who can read the script, its source-control history, or a PowerShell transcript.
# Supply it at run time (for example Get-Credential or a secret store) and use a
# low-privileged service account.
$appPoolUser = 'user'
$appPoolUserPassword = 'password'

# Create the "newsite1" application pool, replacing any pool that already has that name.
Set-Location 'C:\WINDOWS\system32\'
Set-Location IIS:

if (Test-Path IIS:\AppPools\newsite1) {
    Write-Output 'newsite1 apppool exists – removing'
    Remove-WebAppPool newsite1
    # Show the pools that remain after the removal.
    Get-ChildItem IIS:\AppPools
}

$newsite1AppPool = New-Item IIS:\AppPools\newsite1
$newsite1AppPool.enable32BitApponWin64 = 'True'
$newsite1AppPool.startMode = 'AlwaysRunning'

# identityType 3 is SpecificUser: the worker process runs as the account set below, so
# everything the site's code does happens with that account's rights.
$newsite1AppPool.processModel.identityType = 3
$newsite1AppPool.processModel.userName = $appPoolUser
$newsite1AppPool.processModel.password = $appPoolUserPassword

# Nothing is written to the IIS configuration until the modified object is piped to Set-Item.
$newsite1AppPool | Set-Item

# Recreate the site's content folder from scratch.
# NOTE(review): Remove-Item -Recurse deletes everything under the folder with no backup,
# so any deployed content or local configuration in it is lost on every run.
if (Test-Path 'c:\inetpub\wwwroot\newsite1') {
    Remove-Item -Path 'c:\inetpub\wwwroot\newsite1' -Recurse
}

# Re-test instead of assuming the removal worked: if it failed, the folder is still present.
if (-not (Test-Path 'c:\inetpub\wwwroot\newsite1')) {
    New-Item -Path 'c:\inetpub\wwwroot\newsite1' -ItemType 'directory'
    Write-Host 'c:\inetpub\wwwroot\newsite1 created'
}

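# Create a self-signed certificate for this host, bind it to 0.0.0.0:182, export it,
# and add it (plus the CA certificates shipped with the installer) to the machine trust store.
$fqdn = [System.Net.Dns]::GetHostByName($env:computerName).HostName
$todaydt = Get-Date
# Five-year validity is the business requirement stated for this install.
# NOTE(review): a certificate this long-lived is only as safe as its private key for the
# whole period; plan how it gets replaced if the host is rebuilt or the key is exposed.
$5years = $todaydt.AddYears(5)

# Remove certificates left by an earlier run (exact subject match only).
Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object { $_.Subject -eq "CN=$fqdn" } | Remove-Item

# Keep the object New-SelfSignedCertificate returns and take the thumbprint from it.
# Searching the store again with "-match $fqdn" is a regex/substring test, so it can return
# more than one certificate (any subject that merely contains the host name); the thumbprint
# would then be an array, and the Cert:\ path and SSL binding below would no longer refer
# to the certificate that was just created.
$newSelfSignedCert = New-SelfSignedCertificate -DnsName $fqdn -NotAfter $5years -CertStoreLocation 'cert:\LocalMachine\My'
$thumbprintSelfSignedCert = $newSelfSignedCert.Thumbprint

$selfSignedCertPath = "Cert:\LocalMachine\My\$thumbprintSelfSignedCert"
$providerPathnewsite1 = 'IIS:\SSLBindings\0.0.0.0!182'

# New-Item creates the binding and Set-Item points it at the new certificate.
# NOTE(review): on a re-run the binding presumably already exists, so New-Item is expected
# to report an error and Set-Item does the actual update — confirm on a test host.
Get-Item $selfSignedCertPath | New-Item $providerPathnewsite1
Get-Item $selfSignedCertPath | Set-Item $providerPathnewsite1

# Export-Certificate writes the certificate to a .cer file; the target folder must exist.
$selfSignedCert = Get-ChildItem -Path "cert:\LocalMachine\My\$thumbprintSelfSignedCert"
Export-Certificate -Cert $selfSignedCert -FilePath "C:\SystemFiles\certs\$fqdn.cer"

# Trust the self-signed certificate on this machine. Other machines that connect to the
# site do not trust it until they import the same .cer file.
Import-Certificate -FilePath "C:\SystemFiles\certs\$fqdn.cer" -CertStoreLocation cert:\LocalMachine\Root

# NOTE(review): every file imported below becomes a trusted root for the whole machine, so
# whoever can write to C:\SystemFiles\certs decides what this server trusts. Restrict write
# access to that folder and compare each file's thumbprint with a known-good value before
# importing. The file names suggest a chain; intermediate CA certificates normally belong in
# Cert:\LocalMachine\CA rather than Root — confirm which of these are actual roots.
Import-Certificate -FilePath 'C:\SystemFiles\certs\1sectigo.cer' -CertStoreLocation cert:\LocalMachine\Root
Import-Certificate -FilePath 'C:\SystemFiles\certs\2comodo.cer' -CertStoreLocation cert:\LocalMachine\Root
Import-Certificate -FilePath 'C:\SystemFiles\certs\3UniversalStudiosCertificateAuthority.cer' -CertStoreLocation cert:\LocalMachine\Root
Import-Certificate -FilePath 'C:\SystemFiles\certs\4UniversalStudiosRootCertificateAuthority.cer' -CertStoreLocation cert:\LocalMachine\Root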

#Get-Website -Name ‘newsite1’.bindings.Collection

# Create the "newsite1" website, replacing any site that already has that name.
if (Test-Path IIS:\Sites\newsite1) {
    Write-Output 'newsite1 website exists – removing'
    Remove-WebSite newsite1
    # Show the sites that remain after the removal.
    Get-ChildItem IIS:\Sites
}

# HTTPS site on port 182 with the host's FQDN as host header, served from the folder and
# application pool set up earlier in this script.
$newsite1Settings = @{
    Name            = 'newsite1'
    Port            = 182
    HostHeader      = "$fqdn"
    PhysicalPath    = 'c:\inetpub\wwwroot\newsite1'
    ApplicationPool = 'newsite1'
    Ssl             = $true
}
New-WebSite @newsite1Settings

# Turn on preload for applications under the site.
Set-ItemProperty 'IIS:\Sites\newsite1' -Name applicationDefaults.preloadEnabled -Value True

# Leave the IIS: drive and bring IIS back up (it was stopped at the top of the script).
Set-Location C:\SystemFiles\Install_Scripts
iisreset /start

Written 04/20/20