ps/Modules/Alkami.PowerShell.IIS/Public/Set-WebTierDefaultWebSite.ps1

function Set-WebTierDefaultWebSite {
<#
.SYNOPSIS
	Ensure there is a default website and it is properly configured to be how we expect the defaults to be configured
#>

    [CmdletBinding()]
    Param()

    $logLead  = (Get-LogLeadName);
    $mgr = New-Object Microsoft.Web.Administration.ServerManager

    if ($null -eq $mgr.Sites["Default Web Site"]) {
        Write-Output "$logLead : Adding Default Web Site"
        $mgr.Sites.Add("Default Web Site", "C:\Inetpub\wwwroot", "80") | Out-Null
    }

    $site = $mgr.Sites["Default Web Site"]
    $sslBinding = $site.Bindings | Where-Object {$_.Protocol -eq "https"}

    if ($null -eq $sslBinding) {
        Write-Output "$logLead : SSL binding for Default Web Site not found -- creating it"

        $sslBindingText = "*:443:"
        $personalStore = [System.Security.Cryptography.X509Certificates.StoreName]::My
        $certificate = @(Get-ChildItem cert:\localmachine\my | Where-Object { $_.FriendlyName -match "WMSVC" })[0]

        if ($null -eq $certificate) {
            Write-Warning ("$logLead : Could not locate WMSVC certificate to bind to the Default Web Site.  Create the SSL binding manually or NLB health checks may fail!")
            return
        }

        ($site.Bindings.Add($sslBindingText, $certificate.GetCertHash(), $personalStore, [Microsoft.Web.Administration.SslFlags]::None)) | Out-Null
        $mgr.CommitChanges()
    }
    elseif ($sslBinding.SslFlags.HasFlag([Microsoft.Web.Administration.SslFlags]::Sni)) {
        Write-Output "$logLead : SSL binding for Default Web Site has the Sni flag -- clearing it"
        $sslBinding.SslFlags = [Microsoft.Web.Administration.SslFlags]::None;
        $mgr.CommitChanges()
    }
}

Set-Alias -name Configure-WebTierDefaultWebSite -value Set-WebTierDefaultWebSite;
First full commit 2023-05-30 22:51:22 -07:00			`function Set-WebTierDefaultWebSite {`
			`<#`
			`.SYNOPSIS`
			`Ensure there is a default website and it is properly configured to be how we expect the defaults to be configured`
			`#>`

			`[CmdletBinding()]`
			`Param()`

			`$logLead = (Get-LogLeadName);`
			`$mgr = New-Object Microsoft.Web.Administration.ServerManager`

			`if ($null -eq $mgr.Sites["Default Web Site"]) {`
			`Write-Output "$logLead : Adding Default Web Site"`
			`$mgr.Sites.Add("Default Web Site", "C:\Inetpub\wwwroot", "80") \| Out-Null`
			`}`

			`$site = $mgr.Sites["Default Web Site"]`
			`$sslBinding = $site.Bindings \| Where-Object {$_.Protocol -eq "https"}`

			`if ($null -eq $sslBinding) {`
			`Write-Output "$logLead : SSL binding for Default Web Site not found -- creating it"`

			`$sslBindingText = "*:443:"`
			`$personalStore = [System.Security.Cryptography.X509Certificates.StoreName]::My`
			`$certificate = @(Get-ChildItem cert:\localmachine\my \| Where-Object { $_.FriendlyName -match "WMSVC" })[0]`

			`if ($null -eq $certificate) {`
			`Write-Warning ("$logLead : Could not locate WMSVC certificate to bind to the Default Web Site. Create the SSL binding manually or NLB health checks may fail!")`
			`return`
			`}`

			`($site.Bindings.Add($sslBindingText, $certificate.GetCertHash(), $personalStore, [Microsoft.Web.Administration.SslFlags]::None)) \| Out-Null`
			`$mgr.CommitChanges()`
			`}`
			`elseif ($sslBinding.SslFlags.HasFlag([Microsoft.Web.Administration.SslFlags]::Sni)) {`
			`Write-Output "$logLead : SSL binding for Default Web Site has the Sni flag -- clearing it"`
			`$sslBinding.SslFlags = [Microsoft.Web.Administration.SslFlags]::None;`
			`$mgr.CommitChanges()`
			`}`
			`}`

			`Set-Alias -name Configure-WebTierDefaultWebSite -value Set-WebTierDefaultWebSite;`