*Complete these steps after you have successfully imported the SSL Certificate into IIS.*
- Run Powershell ISE as Administrator
- Update the two variables in the script where OLD is the thumbprint of the SSL expiring this year and NEW is the thumbprint of the SSL expiring the next year
- Paste the updated script into the top box of ISE and RUN
- Spot check a few sites to ensure bindings updated
- For good measure you should be able to safely remove the cert that expires this year unless it is still bound to a site
SedonaASP
2022 cf08e5a3d17537040f76661d06a740d350d70676
2023 ec12949006265793c0bc136d0432d3e8ad76cdba
SedonaOffice
2025 4d7edaf7c8d55305887cf9d9b7c143ef830767dc
2025May 5a48d558b7aafbd076b56c78c14b2ef91d5252d4
$OLDCertificateThumbprint = "4d7edaf7c8d55305887cf9d9b7c143ef830767dc"
$NEWCertificateThumbprint = "5a48d558b7aafbd076b56c78c14b2ef91d5252d4"
#Show bindings where the old certificate is in use
Get-WebBinding | Where-Object { $_.certificateHash -eq $OLDCertificateThumbprint} | Format-Table
#Select bindings where the old certificate is in use and attach the new certificate
Get-WebBinding | Where-Object { $_.certificateHash -eq $OLDCertificateThumbprint} | ForEach-Object {
Write-Host "Working on" $_
$_.RemoveSslCertificate()
$_.AddSslCertificate($NEWCertificateThumbprint, 'My')
}
#Show bindings where the new certificate is in use
Get-WebBinding | Where-Object { $_.certificateHash -eq $NEWCertificateThumbprint}
