Overview
You can run an install script directly from the client after the certificate is generated.
How to Use
You just need to append 2 or 3 arguments to the client when you run it in unattended mode.
--installation script Trigger script installer plugin
--script Full path to the script for installation
--scriptparameters Command line parameters provided to the script
--script is required when you use the script installer. Set it to the full path of the script you want to run.
--script C:\Scripts\certinstall.ps1
--scriptparameters accepts a string to format the available parameters. If you don't specify it, no parameters are sent to your script.
Let's put it all together now:
wacs.exe --host domain.com --webroot C:\sites\domain.com\ --installation script --script C:\scripts\certinstall.ps1 --scriptparameters "'{CertCommonName}' '{CacheFile}'"
The parameters passed to your script would look like this:
'example.com' 'C:\ProgramData\win-acme\acme-v02.api.letsencrypt.org\Certificates\1234596-cache.pfx'
If you need to put double quotes around your parameters, escape them with a backslash, for example:
--scriptparameters "\"{CertCommonName}\" \"{CertThumbprint}\""
Note that for PowerShell scripts, string parameters have to be delimited by single quotes, for example:
--scriptparameters "'{CertCommonName}' '{CertThumbprint}'"
If you want to add your own static parameters or use named parameters rather than positional ones, you are of course free to mix text between the variables, for example:
--scriptparameters "constant --myparam2:{CertCommonName} --myparam3({CertThumbprint}) --silent --force"
Available script parameters
{0} or {CertCommonName} - Common name (primary domain name)
{1} or {CachePassword} - The .pfx password (generated randomly for each renewal)
{2} or {CacheFile} - Full path of the cached .pfx file
{4} or {CertFriendlyName} - Friendly name of the generated certificate
{5} or {CertThumbprint} - Thumbprint of the generated certificate
{7} or {RenewalId} - Id of the renewal
{3} or {6} or {StorePath} - Path or store name used by the store plugin
{StoreType} - Name of the plugin (CentralSsl, CertificateStore or PemFiles)
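As an added example (not part of win-acme or its documentation), here is a sketch of what a receiving script could look like when it checks its positional arguments before installing anything. It assumes the CertificateStore store plugin, so that {StorePath} is a store name under Cert:\LocalMachine, and it assumes the script is called with --scriptparameters "'{CertCommonName}' '{CertThumbprint}' '{StorePath}'". It takes the thumbprint rather than {CachePassword}, so no secret appears on the command line.

```powershell
# certinstall.ps1: hypothetical install script (added example, not win-acme code).
# Assumed invocation, using the CertificateStore store plugin so that
# {StorePath} is a store name under Cert:\LocalMachine:
#   --scriptparameters "'{CertCommonName}' '{CertThumbprint}' '{StorePath}'"
param(
    [Parameter(Mandatory = $true, Position = 0)]
    [string]$CommonName,

    [Parameter(Mandatory = $true, Position = 1)]
    [ValidatePattern('^[0-9A-Fa-f]{40}$')]   # SHA-1 thumbprint is 40 hex characters
    [string]$Thumbprint,

    [Parameter(Mandatory = $true, Position = 2)]
    [ValidatePattern('^[A-Za-z0-9 ]+$')]     # plain store name, no path separators
    [string]$StoreName
)

$ErrorActionPreference = 'Stop'

# Look the certificate up by thumbprint instead of trusting a file path.
$cert = Get-ChildItem -Path "Cert:\LocalMachine\$StoreName" |
    Where-Object { $_.Thumbprint -eq $Thumbprint } |
    Select-Object -First 1
if (-not $cert) {
    throw "No certificate with thumbprint $Thumbprint in LocalMachine\$StoreName"
}

# The subject CN must match the common name passed as the first argument.
$nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
$subjectCn = $cert.GetNameInfo($nameType, $false)
if ($subjectCn -ne $CommonName) {
    throw "Subject '$subjectCn' does not match expected name '$CommonName'"
}

# Refuse to install a certificate that cannot be used for TLS right now.
$now = Get-Date
if (-not $cert.HasPrivateKey) { throw "Certificate has no private key" }
if ($cert.NotBefore -gt $now -or $cert.NotAfter -lt $now) {
    throw "Certificate is outside its validity period ($($cert.NotBefore) to $($cert.NotAfter))"
}

Write-Output "Verified $CommonName ($Thumbprint), valid until $($cert.NotAfter)"
# Application-specific installation steps would follow here.
```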
Note for users of Windows Server 2008
Windows Server 2008 ships with PowerShell 2.0, which seems to have issues with starting from WACS. Installing the latest version of PowerShell mitigates the issue.
Please refer to https://pkisharp.github.io/win-acme/ for up-to-date documentation.