Skip to content
Powershell script that can be used to automate installation of letsencrypt.org certificates using ACMESharp
PowerShell
Branch: master
Clone or download
Pull request Compare This branch is 1 commit ahead of michaelmcdaniel:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE
README.md
RenewCertificate.ps1

README.md

Automated-ACMESharp

Powershell script that can be used to automate installation of letsencrypt.org certificates using ACMESharp for Windows IIS.


Do you want to just have your single server update it's own free certificates using Let's Encrypt? Download RenewCertificate.ps1 and add as a scheduled task to run every 2 months! That's right, Free Automated Certificate Installation.

After downloading the powershell script, update the following parameters:
$name = "NAME" # This is just a friendly name used as the site identifier by ACMESharp
$site = "Default Web Site" # This is the IIS Site Name that has the bindings you need
$dns = "example.com" # This is the root dns name

Add your aliases!
$alias += "www.example.com"
$alias += "ftp.example.com"

$pwd = Generate-Password # or don't and use something you know.

PFX files will be stored in the same directory that the script gets run in.

If you've never used ACMESharp, don't forget to initalize the vault and agree to the terms of service! See ACMESharp for more details.

PS:> Import-Module ACMESharp
PS:> Initialize-ACMEVault
PS:> New-ACMERegistration -Contacts mailto:somebody@example.org -AcceptTos

To set up a scheduled task, create a batch file that runs the script.

run.bat
c:\windows\system32\WindowsPowerShell\v1.0\powershell.exe "c:\powershell\renewcertificate.ps1"

Open Task Scheduler
Create Basic Task...
Set Monthly Trigger to every other month
Action: Start a program</br/> Select your batch file


Notes

This script assumes that you already have https bindings for your sites. It replaces the certificate using netsh using the matching bindings that it finds for the certificate.
You can’t perform that action at this time.