Install Self-Signed Certificate On Windows Nano Server 2016

In this article, I’ll show you how to create and Install a Self-Signed SSL Certificate on Windows Nano Server 2016.

Windows Nano Server 2016 Is a super light Windows Server without GUI, Management Tools, or Interface.

Nano Server Is a headless Server that can only be managed using PowerShell remote.

Creating a Self-Signed Certificate for a Windows Nano Server requires a management Server that will generate the certificate because Nano Server can’t run the cmdlets to create the actual certificate.

The entire process Is done using PowerShell on the management server and Nano Server.

In this process I’ll follow the steps below:

  1. Create a Self-Signed on a Management Server
  2. Note Certificate Information
  3. Copy Certificate to Windows Nano Server 2016
  4. On Nano Server Import \ Install Certificate
  5. Bond Certificate to IIS Website

To get started, On A management Machine run the cmdlets below to create a Self-Signed Certificate and export it c:\temp

$newCert = New-SelfSignedCertificate -DnsName "nanod03.test.local" -CertStoreLocation cert:\LocalMachine\my

$mypwd = ConvertTo-SecureString -String "nano" -Force -AsPlainText

Export-PfxCertificate -FilePath c:\temp\test.pfx -Cert $newCert -Password $mypwd

To view, the new cert run the line below and note the Thumbprint

Get-ChildItem Cert:\LocalMachine\my

7F58554D1A201649834B22826D14B34C125E3836

Copy cert to Nano Server and run the code below to Install the cert

certoc.exe -ImportPFX -p nano My c:\nano.pfx

To bind the cert to a IIS site name Web

$certificate = get-item Cert:\LocalMachine\my\7F58554D1A201649834B22826D14B34C125E3836

$hash = $certificate.GetCertHash()

Import-Module IISAdministration

$sm = Get-IISServerManager

$sm.Sites["web"].Bindings.Add("*:443:", $hash, "My", "0")

$sm.CommitChanges()

As you can see the certificate Is Installed

For 75+ articles about Windows  Nano Server, visit the main page at http://nano.ntweekly.com


Posted

in

by