I am using the Windows Chef cookbook (https://supermarket.chef.io/cookbooks/windows/versions/5.0.0#readme) to create and bind SSL.
First I tried:
```ruby
# Create/update certificate
windows_certificate "create cert" do
  source "c://hn/ssl/cert.pfx"
  pfx_password {cert_pass}
  store_name "WEBHOSTING"
  action :create
end

# Bind certificate
windows_certificate_binding "bind to IIS" do
  action :create
  cert_name "{my_ssl_hash_number}"
  name_kind :hash
  port 443
  store_name "WEBHOSTING"
end
```
And I'm getting the error below:
STDOUT: SSL Certificate add failed, Error: 1312 A specified logon session does not exist. It may already have been terminated.
I did some research, and it looks like the cert I imported is not exportable and I need to grant private key access (reference: "SSL Certificate add failed when binding to port").
Below is my second attempt:
```ruby
# Create/update certificate
windows_certificate "create cert" do
  source "c://hn/ssl/cert.pfx"
  pfx_password {cert_pass}
  store_name "WEBHOSTING"
  private_key_acl ["IIS_IUSRS"]
  action [:create, :acl_add]
end

# Bind certificate
windows_certificate_binding "bind to IIS" do
  action :create
  cert_name "{my_ssl_hash_number}"
  name_kind :hash
  port 443
  store_name "WEBHOSTING"
end
```
However, I'm still getting an error:
STDOUT: STDERR: C:\Users\Administrator\AppData\Local\Temp\chef-script20180823-492-10cuvyo.ps1 : no private key exists.
Can anyone help me out? How can I correctly import the SSL certificate and bind it to IIS? Thanks in advance.
The alternative solution for me is to use a PowerShell script to add the SSL certificate instead of using the Windows cookbook.
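
A sketch of the PowerShell route mentioned above, as an added example that is not part of the original post: it imports the PFX into the machine's WebHosting store, refuses to bind if the stored certificate has no private key, and then registers the HTTP.sys binding with `netsh`. The normalised PFX path, the interactive password prompt and the placeholder `appid` GUID are assumptions.

```powershell
# Added example, not from the original post. Assumes an elevated, interactive
# PowerShell session on Windows Server 2012 or later (PKI module available).
param(
    [string]$PfxPath   = 'C:\hn\ssl\cert.pfx',   # the post's path, normalised (assumption)
    [string]$StoreName = 'WebHosting',           # store used in the post
    [int]$Port         = 443,
    # Placeholder GUID identifying the owner of the binding (assumption).
    [string]$AppId     = '{00000000-0000-0000-0000-000000000000}'
)
$ErrorActionPreference = 'Stop'

# Prompt for the PFX password so it is never written into the script or a recipe.
$password = Read-Host -Prompt 'PFX password' -AsSecureString

# Import into the LocalMachine store. Without -Exportable the private key is
# stored as non-exportable, which is the safer default for a server certificate.
$imported = Import-PfxCertificate -FilePath $PfxPath `
    -CertStoreLocation "Cert:\LocalMachine\$StoreName" -Password $password

# Re-read the certificate from the store and fail closed if the private key
# did not come with it; binding a key-less certificate cannot succeed.
$stored = Get-Item "Cert:\LocalMachine\$StoreName\$($imported.Thumbprint)"
if (-not $stored.HasPrivateKey) {
    throw "Certificate $($stored.Thumbprint) in $StoreName has no private key; not binding."
}

# Register the certificate for the port in HTTP.sys. The hash comes from the
# import above rather than a hard-coded value, so the binding always matches
# the certificate that was just verified.
$out = & netsh http add sslcert "ipport=0.0.0.0:$Port" `
    "certhash=$($stored.Thumbprint)" "appid=$AppId" "certstorename=$StoreName"
if ($LASTEXITCODE -ne 0) {
    throw "netsh http add sslcert failed (exit $LASTEXITCODE): $out"
}

# Show the resulting binding for review. The IIS site's own https binding is
# not created here and must exist separately.
& netsh http show sslcert "ipport=0.0.0.0:$Port"
```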