aloopkin / WinCertes

An ACMEv2 client for Windows
GNU General Public License v3.0

update certificate remove IIS binding information #10

Closed anibal-acosta closed 5 years ago

anibal-acosta commented 5 years ago

When an update is made, all information about the binding (IP address, port, host name) is lost. To fix this, the application should first get the current information, then delete the binding, and then create the new binding with the saved current information, changing only the cert hash and cert store name.

anibal-acosta commented 5 years ago

This is the idea (not tested)...

```csharp
// Needs: using System; using System.Security.Cryptography.X509Certificates;
//        using Microsoft.Web.Administration;
public static bool BindCertificateForIISSite(X509Certificate2 certificate, string siteName)
{
    if (siteName == null) return false;
    try
    {
        // Save the current HTTPS binding (IP address, port, host name) before it is removed.
        Binding CurBinding = GetBindInformation(siteName);

        RemoveHTTPSBindingFromIISSite(siteName);
        ServerManager serverMgr = new ServerManager();
        Site site = serverMgr.Sites[siteName];
        Binding binding = null;
        if (CurBinding == null)
        {
            // No previous HTTPS binding: create the default one.
            binding = site.Bindings.Add("*:443:", certificate.GetCertHash(), "MY");
            binding.Protocol = "https";
            site.ApplicationDefaults.EnabledProtocols = "http,https";
        }
        else
        {
            // Reuse the saved binding, changing only the cert hash and the cert store name.
            CurBinding.CertificateHash = certificate.GetCertHash();
            CurBinding.CertificateStoreName = "MY";
            binding = site.Bindings.Add(CurBinding);
        }

        serverMgr.CommitChanges();
        return true;
    }
    catch (Exception e)
    {
        logger.Error($"Could not bind certificate to site {siteName}: {e.Message}");
        return false;
    }
}

/// Added by Anibal Acosta
/// Get binding information: returns the first HTTPS binding of the site, or null if there is none.
private static Binding GetBindInformation(string siteName)
{
    ServerManager serverMgr = new ServerManager();
    Site site = serverMgr.Sites[siteName];
    for (int i = 0; i < site.Bindings.Count; i++)
    {
        if (site.Bindings[i].Protocol.Equals("https"))
            return site.Bindings[i];
    }
    return null;
}
```

aloopkin commented 5 years ago

Added something that should work: 5f7f74c5029a208b5588bffcf11c6b0de92fe321

Can you have a look and see if it works in your case?

aloopkin commented 5 years ago

Fixed in version 1.1.2
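
The save, delete and re-create procedure described in this issue, written out as an added example; it is not the code from the WinCertes commit or from either commenter. It goes beyond the snippet above by handling every HTTPS binding of the site and keeping each binding's SSL flags (such as SNI). The class and method names are hypothetical, and it assumes a `Microsoft.Web.Administration` version that exposes `Binding.SslFlags` (IIS 8 or later).

```csharp
// Added example, not WinCertes code. Requires a reference to Microsoft.Web.Administration.
using System;
using System.Linq;
using System.Security.Cryptography.X509Certificates;
using Microsoft.Web.Administration;

public static class BindingRenewalExample // hypothetical name
{
    // Re-points every HTTPS binding of a site at the renewed certificate while keeping
    // each binding's "ip:port:host" string and its SSL flags. Returns the number of
    // existing bindings that were preserved.
    public static int RebindPreservingInfo(string siteName, X509Certificate2 certificate,
                                           string storeName = "MY")
    {
        if (siteName == null) throw new ArgumentNullException(nameof(siteName));
        if (certificate == null) throw new ArgumentNullException(nameof(certificate));

        // One ServerManager for the whole operation, so the saved bindings and the
        // re-created ones belong to the same configuration session.
        using (var serverMgr = new ServerManager())
        {
            Site site = serverMgr.Sites[siteName];
            if (site == null) throw new ArgumentException($"Unknown IIS site: {siteName}");

            // Snapshot first: the collection must not be modified while it is enumerated.
            var saved = site.Bindings
                .Where(b => string.Equals(b.Protocol, "https", StringComparison.OrdinalIgnoreCase))
                .Select(b => new { Binding = b, Info = b.BindingInformation, Flags = b.SslFlags })
                .ToList();

            byte[] hash = certificate.GetCertHash();
            foreach (var old in saved)
            {
                // Delete, then re-create with the saved information; only the
                // certificate hash and store name change.
                site.Bindings.Remove(old.Binding);
                site.Bindings.Add(old.Info, hash, storeName, old.Flags);
            }

            // First issuance: no HTTPS binding exists yet, so create the default one.
            if (saved.Count == 0)
                site.Bindings.Add("*:443:", hash, storeName);

            serverMgr.CommitChanges(); // applies the changes to the IIS configuration
            return saved.Count;
        }
    }
}
```

After a renewal, comparing the site's HTTPS `bindingInformation` values with those recorded beforehand confirms that only the certificate hash changed.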