In this article, I’ll show you how to create and Install a Self-Signed SSL Certificate on Windows Nano Server 2016.
Windows Nano Server 2016 Is a super light Windows Server without GUI, Management Tools, or Interface.
Nano Server Is a headless Server that can only be managed using PowerShell remote.
Creating a Self-Signed Certificate for a Windows Nano Server requires a management Server that will generate the certificate because Nano Server can’t run the cmdlets to create the actual certificate.
The entire process Is done using PowerShell on the management server and Nano Server.
In this process I’ll follow the steps below:
- Create a Self-Signed on a Management Server
- Note Certificate Information
- Copy Certificate to Windows Nano Server 2016
- On Nano Server Import \ Install Certificate
-
Bond Certificate to IIS Website
To get started, On A management Machine run the cmdlets below to create a Self-Signed Certificate and export it c:\temp
$newCert = New-SelfSignedCertificate -DnsName "nanod03.test.local" -CertStoreLocation cert:\LocalMachine\my $mypwd = ConvertTo-SecureString -String "nano" -Force -AsPlainText Export-PfxCertificate -FilePath c:\temp\test.pfx -Cert $newCert -Password $mypwd
To view, the new cert run the line below and note the Thumbprint
Get-ChildItem Cert:\LocalMachine\my
7F58554D1A201649834B22826D14B34C125E3836
Copy cert to Nano Server and run the code below to Install the cert
certoc.exe -ImportPFX -p nano My c:\nano.pfx
To bind the cert to a IIS site name Web
$certificate = get-item Cert:\LocalMachine\my\7F58554D1A201649834B22826D14B34C125E3836 $hash = $certificate.GetCertHash() Import-Module IISAdministration $sm = Get-IISServerManager $sm.Sites["web"].Bindings.Add("*:443:", $hash, "My", "0") $sm.CommitChanges()
As you can see the certificate Is Installed
For 75+ articles about Windows Nano Server, visit the main page at http://nano.ntweekly.com