Windows Server 2012 R2
I recently updated our website to SSL (yay!) but I did it manually using the instructions on https://zerossl.com/usage.html and created batch files to do the work. Used
OpenSSL 1.1.0e 16 Feb 2017 to generate keys and also to convert cert to the Microsoft-required pkcs12 format. Then I imported the cert into the cert store and bound it to the public website. Success!
Now after a manual renewal where I basically did the same thing as above, but deleted the old cert from the store, I want to automate the process. What would be the easiest way for me to do this? I could use Windows Task Scheduler to run the batch files, but I don’t know how to automate the cert import into the store and removal of the old one (because I don’t want a thousand old certs staying in there after years.)
I could use the win-simple client or perhaps the Certify client but I would have to go through a full test cycle since I’ve never used either and don’t know how they work or what “weirdnesses” they might exhibit on my server. Because Windows.