When working in a local Sitecore standalone (XP0) environment, it's common to renew the SSL certificate for several reasons. Renewal can take some time because many of the steps are manual: updating IIS bindings, updating thumbprints in files on the file system, trusting the certificate, and so on.
To save time, I created the PowerShell script below, which executes the following steps:
- Create a new local certificate;
- Update Sitecore sites IIS bindings;
- Update the certificate thumbprints in the config files of the Sitecore, xConnect, and IdentityServer sites;
- Grant IIS read access to the new certificates.
Save the script file above on your local Sitecore machine and run it in PowerShell as administrator, as in the screenshot below. Remember to set at least one website parameter (-Sc, -Xc, -Is) according to your environment:
& '.\Sitecore Self-Signed Cert Local.ps1' -sc sc93sc.dev.local -Xc sc93xconnect.dev.local -Is sc93identityserver.dev.local
If your environment has multiple DNS names, or DNS names that differ from the IIS site names, pass them in the -Dn parameter separated by commas, as below:
& '.\Sitecore Self-Signed Cert Local.ps1' -sc sc93sc.dev.local -Xc sc93xconnect.dev.local -Is sc93identityserver.dev.local -Dn sc93sc.dev.local,sc93xconnect.dev.local,sc93identityserver.dev.local,sc93sc-variation.dev.local
An important note: the script assumes a standard XP0 installation. If the config files that reference the thumbprint have been customized, update the part of the script that replaces the thumbprint in those files.
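The four steps listed above, as an added example that is not the author's script. The parameter names (-SiteName, -OldThumbprint, -DnsName) are hypothetical, and the code assumes Windows PowerShell 5.1, application pools running as ApplicationPoolIdentity, and a private key stored by the default software key storage provider.

```powershell
#Requires -RunAsAdministrator
# Added example, not the author's script. -SiteName, -OldThumbprint and -DnsName are
# hypothetical parameters chosen for this illustration.
param(
    [Parameter(Mandatory)] [string[]] $SiteName,       # IIS site names (Sitecore, xConnect, IdentityServer)
    [Parameter(Mandatory)] [string]   $OldThumbprint,  # thumbprint currently referenced in the config files
    [string[]] $DnsName = $SiteName                    # subject alternative names; defaults to the site names
)
Import-Module WebAdministration
$ErrorActionPreference = 'Stop'

# 1. New certificate in LocalMachine\My with a non-exportable private key.
$cert = New-SelfSignedCertificate -DnsName $DnsName -CertStoreLocation Cert:\LocalMachine\My `
    -KeyExportPolicy NonExportable -NotAfter (Get-Date).AddYears(1)
# Trust it locally: copy only the public part (RawData) into LocalMachine\Root.
$public = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($cert.RawData)
$store  = [System.Security.Cryptography.X509Certificates.X509Store]::new('Root', 'LocalMachine')
$store.Open('ReadWrite'); $store.Add($public); $store.Close()

# Locate the private-key file (assumption: default software CNG provider, machine key).
$rsa     = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
$keyFile = Join-Path $env:ProgramData "Microsoft\Crypto\Keys\$($rsa.Key.UniqueName)"

foreach ($name in $SiteName) {
    $site = Get-Item "IIS:\Sites\$name"
    # 2. Point every HTTPS binding of the site at the new certificate.
    Get-WebBinding -Name $name -Protocol https | ForEach-Object { $_.AddSslCertificate($cert.Thumbprint, 'My') }
    # 3. Replace the old thumbprint wherever it appears under the site's physical path.
    $root = [Environment]::ExpandEnvironmentVariables($site.physicalPath)
    Get-ChildItem -Path $root -Recurse -File -Include *.config, *.xml, *.json |
        Where-Object { Select-String -Path $_.FullName -Pattern $OldThumbprint -SimpleMatch -Quiet } |
        ForEach-Object {
            $text = [System.IO.File]::ReadAllText($_.FullName) -replace [regex]::Escape($OldThumbprint), $cert.Thumbprint
            [System.IO.File]::WriteAllText($_.FullName, $text)
            Write-Output "Updated thumbprint in $($_.FullName)"
        }
    # 4. Read-only access to the private key for this site's application pool identity.
    $acl  = Get-Acl -Path $keyFile
    $rule = [System.Security.AccessControl.FileSystemAccessRule]::new(
        "IIS AppPool\$($site.applicationPool)", 'Read', 'Allow')
    $acl.AddAccessRule($rule)
    Set-Acl -Path $keyFile -AclObject $acl
}
Write-Output "New thumbprint: $($cert.Thumbprint)"
```

Searching for the old thumbprint instead of hard-coding file names means customized config files are picked up as well, and the printed list of updated files shows exactly what was changed.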