A target plugin is responsible for providing information about a (potential) certificate to the rest of the program. Its primary purpose is to determine which host names should be included in the SAN list, but can also provide extra information such as the preferred common name or bindings to exclude.

The following target plugins are currently available.

IIS binding

• Single binding of an IIS site
• Automatically updates webroot path
• Unattended --target iisbinding --host example.com [--siteid 1]

IIS site

• SAN certificate for all bindings of an IIS site
• Automatically updates webroot path
• Automatically adds/removes host names based on bindings
• Unattended --target iissite --siteid 1 [--excludebindings example.com]

IIS sites

• SAN certificate for all bindings of multiple IIS sites
• Automatically updates webroot paths
• Automatically adds/removes host names based on bindings
• Unattended --target iissites --siteid 1,2,3 [--excludebindings example.com]

Manual

• Manually input host name(s)
• Unattended --target manual --host a.example.com,b.example.com

CSR

• Certificate signing request generated by another piece of software
• Unattended --target csr --csrfile C:\csr.txt [--pkfile C:\key.txt]