locked
Certificate Rebind in IIS 8.5 RRS feed

  • Question

  • User1519724378 posted

    Hello,

    I'm trying to rebind an expired public SSL certificate automatically as explained in this article:

    https://docs.microsoft.com/en-us/iis/get-started/whats-new-in-iis-85/certificate-rebind-in-iis85

    My Windows 2012 R2 with IIS 8.5 doesn't rebind automatically. Are there more steps required than mentioned in the article?

    I have a expired public wildcard certificate that is bound to a few dozen sites and it would save me a lot of time if the rebind process could be automated.

    Thank you in advance for any suggestions.

    Saturday, June 30, 2018 7:35 AM

All replies

  • User121216299 posted

    Hi romarfr,

    The steps which mentioned in the links are enough and there is no any other steps need to perform as per my knowledge and searching results.

    Make sure that your Windows 2010 R2 is installed with latest updates.

    If there is any pending updates available then try to install it.

    Then again try to produce the issue.

    If issue persists then let us know about it.

    If you got any error then also inform us about it.

    We will try to provide you further suggestions.

    Regards

    Deepak 

    Monday, July 2, 2018 3:20 AM
  • User1519724378 posted

    Hello Deepak,

    All the critical Windows updates are installed.

    Are the steps mentioned in this article still necessary?

    https://social.technet.microsoft.com/wiki/contents/articles/14250.certificate-services-lifecycle-notifications.aspx

    Do I have to create a new certificate services notification tasks and do I have to enable Auto Enrollment settings in the GPO?

    I don't see any certificate-renewal event (event ID 1001), but I several  events  that a certificate is about to expire (event ID 1003) and that a certificate has expired (event ID 1002).

    Thanks

    Romarfm

    Monday, July 2, 2018 8:04 AM
  • User121216299 posted

    Hi Romarfm,

    As per the documentation below,

    Certificate Rebind in IIS 8.5

    IIS 8.5 and later have a new feature that automates the rebinding of a renewed certificate. This feature, called Certificate Rebind, ensures that a certificate will automatically be rebound to a Web site after the certificate has been renewed. You enable this feature for all HTTPS Web sites on a server in the Server Certificates dialog box of the IIS Manager.

    Certificate rebind leverages the notification functionality in a Windows 8 and Windows Server 2012 helper mechanism called Certificate Services Lifecycle Notifications. This mechanism creates a system event whenever a certificate-related action takes place, such as when a new certificate is installed, an existing certificate expires or is about to expire, or a certificate is renewed.

    So as per the documentation, If you enable this feature then it will do this process by itself and you not need to perform any steps manually.

    But as per your experience, It is not binding the new certificates automatically, So as a work around you can try to follow the steps and try to use that PowerShell script to do this operation manually may help you to bind the updated certificates.

    Regards

    Deepak 

    Tuesday, July 3, 2018 3:16 AM
  • User1519724378 posted

    Hi Deepak,

    I applied your suggested work around and did the rebind via a PowerShell script.

    This was not the solution I was hoping for, but it saved me a few hours of manual work.

    Thanks!

    Romarfm

    Sunday, July 8, 2018 7:54 AM