Update netsh-cert-update.ps1
This commit is contained in:
@@ -1,13 +1,13 @@
|
|||||||
$old="{OLD_THUMBPRINT}"
|
$old="5df978393c6d7a5cd826a911d824322d4e7f6898"
|
||||||
$new="{NEW_THUMBPRINT}"
|
$new="391f6011610d4f3dfb8366455acb9ece00460846"
|
||||||
|
|
||||||
$oldN=($old -replace '\s','').ToLower()
|
$oldN=($old -replace '\s','').ToLower()
|
||||||
$newN=($new -replace '\s','').ToLower()
|
$newN=($new -replace '\s','').ToLower()
|
||||||
|
|
||||||
$raw = netsh http show sslcert
|
$raw = netsh http show sslcert
|
||||||
$bindings = @()
|
$bindings = @()
|
||||||
$cur = $null
|
$cur = $null
|
||||||
|
|
||||||
foreach ($line in $raw) {
|
foreach ($line in $raw) {
|
||||||
if ($line -match '^\s*(IP:port|Hostname:port)\s*:\s*(.+)\s*$') {
|
if ($line -match '^\s*(IP:port|Hostname:port)\s*:\s*(.+)\s*$') {
|
||||||
if ($cur) { $bindings += [pscustomobject]$cur }
|
if ($cur) { $bindings += [pscustomobject]$cur }
|
||||||
@@ -21,7 +21,7 @@ foreach ($line in $raw) {
|
|||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
if (-not $cur) { continue }
|
if (-not $cur) { continue }
|
||||||
|
|
||||||
if ($line -match '^\s*Certificate Hash\s*:\s*(.+)\s*$') {
|
if ($line -match '^\s*Certificate Hash\s*:\s*(.+)\s*$') {
|
||||||
$cur.Hash = (($matches[1] -replace '\s','').ToLower())
|
$cur.Hash = (($matches[1] -replace '\s','').ToLower())
|
||||||
continue
|
continue
|
||||||
@@ -36,14 +36,14 @@ foreach ($line in $raw) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ($cur) { $bindings += [pscustomobject]$cur }
|
if ($cur) { $bindings += [pscustomobject]$cur }
|
||||||
|
|
||||||
$targets = $bindings | Where-Object { $_.Hash -eq $oldN }
|
$targets = $bindings | Where-Object { $_.Hash -eq $oldN }
|
||||||
|
|
||||||
if (-not $targets) {
|
if (-not $targets) {
|
||||||
Write-Host "No bindings found with thumbprint $oldN"
|
Write-Host "No bindings found with thumbprint $oldN"
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($b in $targets) {
|
foreach ($b in $targets) {
|
||||||
Write-Host ""
|
Write-Host ""
|
||||||
Write-Host "Binding: $($b.Type) $($b.Binding)"
|
Write-Host "Binding: $($b.Type) $($b.Binding)"
|
||||||
@@ -52,7 +52,7 @@ foreach ($b in $targets) {
|
|||||||
Write-Host "Cert : $oldN -> $newN"
|
Write-Host "Cert : $oldN -> $newN"
|
||||||
Write-Host ""
|
Write-Host ""
|
||||||
$choice = Read-Host "Update this binding? [Y]es / [N]o / [S]top"
|
$choice = Read-Host "Update this binding? [Y]es / [N]o / [S]top"
|
||||||
|
|
||||||
switch ($choice.ToUpper()) {
|
switch ($choice.ToUpper()) {
|
||||||
"Y" {
|
"Y" {
|
||||||
$key = if ($b.Type -eq "IP:port") {
|
$key = if ($b.Type -eq "IP:port") {
|
||||||
@@ -60,32 +60,32 @@ foreach ($b in $targets) {
|
|||||||
} else {
|
} else {
|
||||||
"hostnameport=$($b.Binding)"
|
"hostnameport=$($b.Binding)"
|
||||||
}
|
}
|
||||||
|
|
||||||
Write-Host "Updating $($b.Binding)..."
|
Write-Host "Updating $($b.Binding)..."
|
||||||
& netsh http delete sslcert $key | Out-Null
|
& netsh http delete sslcert $key
|
||||||
& netsh http add sslcert $key `
|
& netsh http add sslcert $key `
|
||||||
"certhash=$newN" `
|
"certhash=$newN" `
|
||||||
"appid=$($b.AppId)" `
|
"appid=$($b.AppId)" `
|
||||||
"certstorename=$($b.Store)" | Out-Null
|
"certstorename=$($b.Store)"
|
||||||
|
|
||||||
Write-Host "Updated."
|
Write-Host "Updated."
|
||||||
}
|
}
|
||||||
|
|
||||||
"N" {
|
"N" {
|
||||||
Write-Host "Skipped."
|
Write-Host "Skipped."
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
"S" {
|
"S" {
|
||||||
Write-Host "Stopped by user."
|
Write-Host "Stopped by user."
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
|
|
||||||
default {
|
default {
|
||||||
Write-Host "Invalid choice, skipping this binding."
|
Write-Host "Invalid choice, skipping this binding."
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
Write-Host "Processing complete."
|
Write-Host "Processing complete."
|
||||||
Reference in New Issue
Block a user