About the author
Let's Encrypt™ is a SSL certificate issuing authority that started around Jun 2015. It went into beta sometime around the last quarter of 2015, and I joined, getting a SSL certificate for this site.
When it was announced that Let's Encrypt only issue SSL certificates that have a lifetime of 3 months, I decided to get an application that can renew my SSL certificate automatically. This turned out to be lets-encrypt-win-simple which has since been renamed to be called "A Simple ACME Client for Windows".
Back then, I also wrote a PowerShell script which automatically binds the renewed SSL certificate. The PowerShell script follows:
# Imports a PFX with passwordfunction Import-PfxCertificate {param([String]$certPath,[String]$certRootStore = "CurrentUser",[String]$certStore = "My",$pfxPass = $null) $pfx = new-object System.Security.Cryptography.X509Certificates.X509Certificate2 if ($pfxPass -eq $null) {$pfxPass = read-host "Enter the pfx password" -assecurestring} $pfx.import($certPath,$pfxPass,“Exportable,PersistKeySet”) $store = new-object System.Security.Cryptography.X509Certificates.X509Store($certStore,$certRootStore) $store.open("MaxAllowed") $store.add($pfx) $store.close()}# Imports a PFX without passwordfunction Import-509Certificate { param([String]$certPath,[String]$certRootStore,[String]$certStore)$pfx = new-object System.Security.Cryptography.X509Certificates.X509Certificate2$pfx.import($certPath)$store = new-object System.Security.Cryptography.X509Certificates.X509Store($certStore,$certRootStore)$store.open("MaxAllowed")$store.add($pfx)$store.close()}$dir = "C:\Users\SSLCertificateDirectory" #Path of SSL certificate directory$filespec = "*.pfx"# Gets the certificate where the LastWriteTime is after yesterday, and put its name into $Name$Name = (Get-ChildItem "$dir\$filespec" | where-object LastWriteTime -gt (get-date).AddDays(-1)).Name# Skip if $Name is emptyIf ($Name -ne "") { $PFXName=-join($dir, "\", $Name) # Import cert into Local Computer\Personal\Certificates, not necessary to import, as it's imported by letsencrypt automatically Import-509Certificate $PFXName "LocalMachine" "My" $certhash=(Get-ChildItem Cert:\LocalMachine\My\ | select Subject,NotBefore,NotAfter,Thumbprint | where-object Subject -Like "*chuacw.ath.cx*" | where-object NotBefore -gt (get-date).AddDays(-1)).Thumbprint # Write-Host $certhash #Bind the certificate to the site... BlogName is the name of the site to bind to. (Get-WebBinding -Name BlogName -Port 443 -Protocol "https").AddSslCertificate($certhash, "my")}
The PowerShell script has since been reduced to:
$certhash=(Get-ChildItem Cert:\LocalMachine\My\ | select Subject,NotBefore,NotAfter,Thumbprint | where-object {$_.Subject -Like "*chuacw.ath.cx*" -and $_.NotBefore -gt (get-date).AddDays(-1)}).Thumbprint #Bind the certificate to the site... (Get-WebBinding -Name BlogName -Port 443 -Protocol "https").AddSslCertificate($certhash, "my")
Learn why the map is cool in Go!
A method to design records so that they're allocated on a specific byte boundary, such as 16 bytes, 512 bytes, 4096 bytes, etc.
Learn the command line used to compile System.pas in Delphi
How to free more space on your home drive by redirecting the location for SDKs in RAD Studio