Yesterday I went through literally (yes literally) every host on my IIS server and rebuilt every SSL certificate. I was using the program Let’s Encrypt as my certification authority. Upon first attempt, this was no easy feat with Microsoft IIS. If I had Linux, it would be practically effortless. However, Windows was a different story. Fortunately there is a freeware command line application that assists in the process called letsencrypt-win-simple. For the most part, it does the job well and also create a scheduled task that automatically handles the certificate renewals.
Unfortunately last month I pressed “create all certificates for all sites” in the program. This made at least twice the number of certs I needed, the new ones pertaining to my redirects. This caused a few issues and spammed my Inbox that some certs were expiring.
So yesterday as I said before, I started all from a blank slate. The Let’s Encrypt program had its own folder that stored renewal information. I made a copy and wiped it. Then I cleared out all the unnecessary certs in IIS. Finally I went through one by one and made new valid certs that should renew automatically.
One site wouldn’t accept SSL, but I suspect that is due to the manual HTML encoding used. I’ll be speaking with that webmaster soon.
Free SSL for the win!