I am trying to export all the SSL certificates on IIS 6.0 sites from a specified remote server to a centralized backup server so we can migrate and/or back up our SSL certificates; however, I cannot figure out how to do this with IIS 6.0 (all our servers in staging and production still run IIS 6.0). Is there a way to do this with C# and System.Management, targeting IIS 6.0 web sites? I have tried everything I could think of.
Pseudo logic: Get a list of all IIS web sites on Server X. If a site has an SSL certificate binding associated with it, export the SSL certificate with the name of the IIS web site.
Here’s the code that is closer to what I need, for IIS 7.0:
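// Walks every site on the remote IIS 7.0 server, builds a human-readable dump of each
// binding, and records the certificate hash of every https binding together with the
// name of the site that uses it. Only the hash and the store name are collected here;
// the certificate itself is not read by this block.
using (ServerManager serverManager = ServerManager.OpenRemote(this.ServerName))
{
    string collectionDisplay = null;
    string siteDisplay = null;

    // The header line was already guarded against a null Sites collection; the
    // enumeration now sits under the same guard instead of dereferencing it unchecked.
    if (serverManager.Sites != null)
    {
        collectionDisplay = "There are " + serverManager.Sites.Count.ToString() + " sites:\n\n";

        foreach (Site site in serverManager.Sites)
        {
            siteDisplay = siteDisplay + site.Name + ": ID = " + site.Id + "\n";

            // Display each property of each binding.
            string bindingDisplay = null;
            foreach (Binding binding in site.Bindings)
            {
                if (binding.Protocol == "https")
                {
                    bindingDisplay = bindingDisplay + " Binding:\n BindingInformation: " + binding.BindingInformation;

                    // There is a CertificateHash and CertificateStoreName for the https protocol only.
                    // Concatenating the byte[] itself would only print its type name
                    // ("System.Byte[]"), so the label is written alone and the bytes follow.
                    bindingDisplay = bindingDisplay + "\n CertificateHash: ";

                    byte[] certificateHash = binding.CertificateHash;
                    if (certificateHash == null)
                    {
                        // An https binding without an assigned certificate has no hash:
                        // there is nothing to record, and a null key or a null
                        // enumeration below would throw.
                        bindingDisplay = bindingDisplay + "(none)";
                    }
                    else
                    {
                        // Add the certificate hash to the collection.
                        // NOTE(review): if IisCertificateHashCollection is keyed by byte[]
                        // with the default comparer, ContainsKey compares array references,
                        // not contents, so two sites sharing one certificate would both be
                        // added - confirm the collection's key type/comparer.
                        if (!IisCertificateHashCollection.ContainsKey(certificateHash))
                        {
                            IisCertificateHashCollection.Add(certificateHash, site.Name);
                            //IisCertificateHashCollection.Add(new KeyValuePair<string, byte[]>(site.Name, binding.CertificateHash));
                        }

                        // Display the hash, one decimal byte value at a time.
                        foreach (System.Byte certhashbyte in certificateHash)
                        {
                            bindingDisplay = bindingDisplay + certhashbyte.ToString() + " ";
                        }
                    }

                    bindingDisplay = bindingDisplay + "\n CertificateStoreName: " +
                        binding.CertificateStoreName;
                }

                bindingDisplay = bindingDisplay + "\n EndPoint: " + binding.EndPoint;
                bindingDisplay = bindingDisplay + "\n Host: " + binding.Host;
                bindingDisplay = bindingDisplay + "\n IsIPPortHostBinding: " + binding.IsIPPortHostBinding;
                bindingDisplay = bindingDisplay + "\n Protocol: " + binding.Protocol;
                bindingDisplay = bindingDisplay + "\n ToString: " + binding.ToString();
                bindingDisplay = bindingDisplay + "\n UseDsMapper: " + binding.UseDsMapper + "\n\n";
            }

            siteDisplay = siteDisplay + bindingDisplay;
        }
    }

    collectionDisplay = collectionDisplay + siteDisplay + "\n";
}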
Here’s the code for IIS 6.0 that I can’t get working: I don’t know how to obtain the needed information, and I cannot get the query right:
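// Connection succeeds, so there is no issue with that (left out code for that in sample)
// NOTE(review): `options` is handed to string.Format, whose format string only has {0},
// so it is silently ignored and never reaches the ManagementScope. If it is the
// ConnectionOptions for the remote server (credentials, authentication level), it
// presumably belongs in the ManagementScope constructor's second argument - confirm.
ManagementScope scope = new ManagementScope(string.Format(@"\\{0}\root\cimv2", serverName, options));
// Alternative scope for the IIS 6.0 WMI provider namespace.
// NOTE(review): remote connections to root\MicrosoftIISV2 are commonly rejected unless
// the connection requests AuthenticationLevel.PacketPrivacy - verify against the target.
//ManagementScope scope = new ManagementScope(string.Format(@"\\{0}\root\MicrosoftIISV2", serverName, options));
scope.Connect();

// Win32_NTDomain lives in root\cimv2 and describes domains, not IIS web sites, so this
// query cannot return site or certificate data; it only exercises the connection.
ObjectQuery oq = new ObjectQuery(@"SELECT * FROM Win32_NTDomain");

// The searcher and its result collection wrap WMI resources, so both are released
// deterministically instead of waiting for finalization.
using (ManagementObjectSearcher query = new ManagementObjectSearcher(scope, oq))
using (ManagementObjectCollection queryCollection = query.Get())
{
    foreach (ManagementObject mo in queryCollection)
    {
        foreach (PropertyData pd in mo.Properties)
        {
            // Intentionally empty in the sample: each property is visited but not used.
        }
    }
}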
You can use System.DirectoryServices
to get the certificate hash on IIS6:
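// Metabase path of a single site: IIS://<server>/W3SVC/<site id>. "Localhost" and site
// id 1 are the sample's values; a remote server and other sites use the same path shape.
// DirectoryEntry is IDisposable - dispose it once `vals` has been read.
DirectoryEntry dir = new DirectoryEntry(@"IIS://Localhost/W3SVC/1"); //this is the metabase path
// The Properties indexer takes the property name as a string, so the name is quoted;
// as a bare identifier it would only compile if a matching constant existed elsewhere.
PropertyValueCollection vals = dir.Properties["SSLCertHash"]; //this is the propertyName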
The rest is the same as in IIS7.
Hope this helps, Rotem Varon