Author Posts

February 1, 2017 at 6:38 pm

Hi,

I am executing this to bind the certificate to my site.

New-WebBinding -name $iisSite -Protocol https -HostHeader localhost -Port 443 -SslFlags 1

Note that the SNI (-SslFlags) is enabled in this. We can disable SNI by passing -SslFlags 0 to above command , but in that case the certificate binding is not happening.

But i want to disable SNI as without that "https" is not working outside the box (for remote access).

Is there a way i can disable SNI except the above way ?

Appreciate any help !
Deepak

February 1, 2017 at 9:40 pm

The SSLFlags parameter determines where the certificate will be stored. Using 0 will store it in Windows certificate storage.

Once the certificate is in the storage, you need to run two more commands to link the certificate to the website binding.

$cert = Get-ChildItem -Path 'Cert:\LocalMachine\My | Where-Object {$_.subject -like '*mysite*'} | Select-Object -ExpandProperty Thumbprint

Get-Item -Path "cert:\localmachine\my\$cert" | New-Item -Path IIS:\SSLBindings\1.2.3.4!443"