PKISharp / ACME-PS

PowerShell module supporting ACME v2 certificate management
MIT License

[Improvement] Implement fully automated IIS-Certificate handling #103

Open glatzert opened 3 years ago

glatzert commented 3 years ago

Stub-Branch: IIS-Module

c-amie commented 3 years ago

What is the breadth and scope of your desire to automate it?

My wrapper functions for your module (and previously ACMESharp) automate the renewal processes and clean-up based on a bootstrap call from task scheduler. I am sure that there are plenty of other people who have done this in their environments and probably 50 different approaches to it. What are you thinking?

glatzert commented 3 years ago

51 - I got one wrapper, too ;)

The UX should be the following:

The task consists of detecting all bindings and trying to refresh every certificate that meets an expiry threshold. The task should be able to detect whether CCS (Central Certificate Store) is in use or not and put certificates in the appropriate locations.

An option to automatically create a new https binding for every non-localhost http binding would probably be nice.

Probably the hardest nut to crack here: how to answer the challenge. Also, if URL-Rewrite is available, answering the challenge (at least http-01) would also be simple.
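
Added example, not part of the thread and not ACME-PS code: a read-only PowerShell sketch of the detection step described in the comment above (enumerate https bindings, check each certificate against an expiry threshold, and note whether the Central Certificate Store or the local machine store is the target). The function name `Get-IisCertificatePlan` and the 30-day default are hypothetical; it assumes Windows with IIS and the WebAdministration module, run elevated.

```powershell
# Added example, not ACME-PS code. Read-only: it lists what a renewal task would touch.
# Assumes Windows with IIS and the WebAdministration module, run elevated.
Import-Module WebAdministration

function Get-IisCertificatePlan {
    param([int]$ThresholdDays = 30)   # hypothetical default threshold

    # IIS keeps Central Certificate Store settings under this registry key.
    $ccs = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\IIS\CentralCertProvider' -ErrorAction SilentlyContinue
    $ccsEnabled = ($null -ne $ccs) -and ($ccs.Enabled -eq 1)
    $deadline = (Get-Date).AddDays($ThresholdDays)

    foreach ($site in Get-ChildItem IIS:\Sites) {
        foreach ($b in $site.Bindings.Collection | Where-Object protocol -eq 'https') {
            # bindingInformation has the form "ip:port:hostname"
            $parts = $b.bindingInformation -split ':'
            $hostName = $parts[-1]
            $usesCcs = $ccsEnabled -and (($b.sslFlags -band 2) -ne 0)   # flag 2 = CCS

            if ($usesCcs) {
                # CCS resolves certificates by file name: <hostname>.pfx in the share.
                $target = Join-Path $ccs.CertStoreLocation "$hostName.pfx"
                $notAfter = $null   # reading the PFX needs the CCS key password
            } else {
                $store = if ($b.certificateStoreName) { $b.certificateStoreName } else { 'My' }
                $target = "Cert:\LocalMachine\$store"
                $cert = if ($b.certificateHash) {
                    Get-Item "$target\$($b.certificateHash)" -ErrorAction SilentlyContinue
                }
                $notAfter = if ($cert) { $cert.NotAfter } else { $null }
            }

            [pscustomobject]@{
                Site     = $site.Name
                HostName = $hostName
                Port     = $parts[-2]
                UsesCcs  = $usesCcs
                Target   = $target
                NotAfter = $notAfter
                # Unknown expiry is treated as due, so the binding gets inspected.
                Renew    = ($null -eq $notAfter) -or ($notAfter -le $deadline)
            }
        }
    }
}

Get-IisCertificatePlan -ThresholdDays 30 | Format-Table -AutoSize
```

Rows with `Renew` set and an empty `NotAfter` are CCS-backed or have no resolvable certificate, so a renewal task would need to inspect them rather than skip them.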

GeorgeSchiro commented 3 years ago

FYI, here's my wrapper. It does all that and more: GetCert2.exe