function New-WebBinding { <# .SYNOPSIS Adds a new default web binding for IIS Sites .PARAMETER Site The name of the site to add a binding for .PARAMETER Url The url to use for the binding .PARAMETER AppPoolName The app pool to use if it doesn't match the site or url. Will default to the parameter for -Site if not provided #> [CmdletBinding()] [OutputType([void])] Param( [Parameter(Mandatory = $true)] [string]$Site, [Parameter(Mandatory = $true)] [string]$Url, [Parameter(Mandatory = $false)] [string]$AppPoolName = $null # may later be set to the value of the Site name if not provided. ) $logLead = Get-LogLeadName if (Test-StringIsNullOrWhitespace -Value $AppPoolName) { # If a specific app pool name was not passed in, we will use the site name to name it $AppPoolName = $Site } $appPool = Get-AlkamiWebAppPool $AppPoolName if ($null -eq $appPool) { $appPool = New-AlkamiWebAppPool $AppPoolName } # We want to make sure the application pool settings are proper even if it's not new (Set-AlkamiWebAppPoolConfiguration $AppPoolName) | Out-Null $mgr = Get-IISServerManager if ($null -eq $mgr.Sites[$Site]) { Write-Warning "$logLead : Website $Site does not exist" return } else { $httpBindingText = "*:80:$Url" # Requires IISAdministration 1.1.0.0 https://learn.microsoft.com/en-us/powershell/module/iisadministration/new-iissitebinding?view=windowsserver2022-ps # if ($null -eq (Get-IISSiteBinding -Site $Site -BindingInformation $httpBindingText -Protocol 'http')) { if (Test-WebBinding -website $Site -url $Url) { Write-Verbose "$logLead : Binding $httpBindingText already exists on IIS Site $Site" } else { Write-Host "$logLead : Creating Binding $httpBindingText on IIS Site $Site" # Requires IISAdministration 1.1.0.0 https://learn.microsoft.com/en-us/powershell/module/iisadministration/new-iissitebinding?view=windowsserver2022-ps # New-IISSiteBinding -Name $Site -BindingInformation $httpBindingText -Protocol 'http' | Out-Null [void] $mgr.Sites[$Site].Bindings.Add($httpBindingText, "http") } $computerStore = [System.Security.Cryptography.X509Certificates.StoreLocation]::LocalMachine $personalStore = [System.Security.Cryptography.X509Certificates.StoreName]::My $certificate = Find-CertificateBySubjectOrSAN -Subject $Url -StoreLocation $computerStore -StoreName $personalStore if ($null -eq $certificate) { Write-Warning "$logLead : Unable to find a certificate with subject or SAN which matches $Url. The SSL Binding must be created manually." } else { $sslBindingText = "*:443:$Url" # Requires IISAdministration 1.1.0.0 https://learn.microsoft.com/en-us/powershell/module/iisadministration/new-iissitebinding?view=windowsserver2022-ps # if ($null -eq (Get-IISSiteBinding -Site $Site -BindingInformation $sslBindingText -Protocol 'https')) { if (Test-WebBinding -website $Site -url $Url -Ssl) { Write-Verbose "$logLead : Binding $sslBindingText already exists on IIS Site $Site" } else { Write-Host "$logLead : Creating SSL binding $sslBindingText using certificate $($certificate.Subject)" # Requires IISAdministration 1.1.0.0 https://learn.microsoft.com/en-us/powershell/module/iisadministration/new-iissitebinding?view=windowsserver2022-ps # New-IISSiteBinding -Name $Site -BindingInformation $sslBindingText -Protocol 'https' -CertificateThumbPrint $certificate.Thumbprint -SslFlag Sni -CertStoreLocation Cert:\$computerStore\$personalStore | Out-Null [void] $mgr.Sites[$Site].Bindings.Add($sslBindingText, $certificate.GetCertHash(), $personalStore, [Microsoft.Web.Administration.SslFlags]::Sni) } } } Write-Host "$logLead : Setting site to use application pool $AppPoolName" $mgr.Sites[$Site].ApplicationDefaults.ApplicationPoolName = $AppPoolName Save-IISServerManagerChanges $mgr } Set-Alias -name Create-WebBinding -value New-WebBinding;