SBS 2011 Essentials – Manually Installing SSL Certificate

I have been spending some time answering questions in the SBS Essentials forum over at TechNet recently, and i noticed that there is still a lot of outstanding questions and issues with the Remote Access wizard for SBS Essentials, especially surrounding installing an SSL Certificate.

One of the big headaches comes when you have a domain with one of the ‘supported’ registrars, Enom or GoDaddy.

The wizard is designed to push you over to purchase your SSL Certificate from them, if it detects your Domain as being with them, and sadly you don’t get the option to chose a manual installation.

This is a real pain when their service is down or not working, as i have experienced myself a few times. Trying to get supported by Enom was a little painful, and they even pointed me back to one of my own blog posts as a possible solution for how to ‘properly configure’ RWA.

I can see why it is difficult, there is probably only a small team inside each of those companies that is aware of SBSe and the Wizards integration to their SSL platform, and when your domain and SSL have actually been purchased correctly, they rightly suggest the issue is with SBS and point you to MS for support.

Anyway, because of this, and some other challenges people have faced, the Official SBS Blog posted up a really handy guide on how to get the wizard to allow you to install your own certificate.

You can read that here.

Being the huge PowerShell fan i am, and having little else to do with myself that day, i decided to see if i could write a little script that would automate this process as much as could be done. So i did.

You can download the script from here.

You will need to have a PFX file of your certificate available, and know the password to the file as well.

Edit the PS1 file to include your certificate file path, and password.

To run the Script you will need to load the SBS Essentials PowerShell ‘As Admin’ from,

C:\Program Files\Windows Server\Bin (WSSPowerShell.exe)

Navigate to the folder your script is saved in.

To execute the script enter .\”Manual SSL Installation Script.ps1”

You will see a few lines report what the script is doing – then the SBS Essentials Dashboard will launch.

You now need to run the wizard and configure your domain name.

If your domain is with Enom or GoDaddy and you hit this page, don’t worry about actually going to the site it suggests, as it is not required. Just click to the link to go to the page, then close the window. In the wizard, then ‘next’ button is now active and you can continue on.

The rest of the wizard executes as normal, the difference is the SSL process is removed.

Tthe wizard will issue a Self Signed certificate, bypassing any issues with our SSL provider,

Close the dashboard, and press any key in the PowerShell window to continue.

The script will now go ahead and import your SSL PFX file, in to IIS.

You will need to manually type, both the path and the password as a verification.

Once you enter the path and password the process is complete.

You can press any key to complete the script and then close PowerShell.

Your trusted SSL is now installed and the RWA site will function correctly.

Hope this was useful!

If you liked the script please rate it on the TechNet Gallery