Author Posts

September 3, 2015 at 5:05 pm

I have a network of 700 POS machines, running Windows 7 Embedded, with IIS installed. I use the IIS only for FTP functionality to send and receive files from my POS.

I am now looking to make this FTP over SSL, rather than plain text FTP. I successfully set this up in my lab, manually. Now that I am looking to deploy it to the rest of the fleet, I would love to automate it via powershell. I am pretty good with automating processes with powershell already, but I don't have much experience with the IIS side of things.

Currently I have a script that looks like this:

# path to certificate
$certPath = 'C:\Upgrades\cert\retail.mydomain.local.pfx'

# import the pfx certificate into the personal store
certutil.exe -importPFX $certPath

# add the web administration module
Import-Module -Name webadministration

$defaultFTP = 'IIS:\Sites\Default FTP Site'

# set the properties to require FTP over SSL
Set-ItemProperty -Path $defaultFTP -Name ftpServer.security.ssl.controlChannelPolicy -Value 1
Set-ItemProperty -Path $defaultFTP -Name ftpServer.security.ssl.dataChannelPolicy -Value 1
This imports my cert into the personal store, and requires SSL over FTP (both data channel and control).

I am thinking that now I need to be able to tell the FTP site to use the certificate in my personal store, and set the port for the data channel (I picked 5001) in the FTP Firewall Support section.

I haven't really been able to find what I am looking for via searching – I am hoping someone here can help point me in the right direction.

Thanks

sb

September 5, 2015 at 7:25 am

Hi Stephen,

Does below work for you?

Best,
Daniel

September 8, 2015 at 10:49 am

Thank you for this post, I will give it a try tomorrow and report back!!

September 16, 2015 at 7:35 am

This did the trick. Thank you so much for the info.

This works much better than the way that I was accomplishing this previously. I kept getting an error that the configuration was locked.

With the examples you gave, this issue seems to have been resolved.

Thanks again,
sb

September 16, 2015 at 7:39 am

You are very welcome.

Best,
Daniel