Binding SSL Certs on Windows Installer XML (WiX) deployed Web Applications
This tutorial is about using SSL certs with WiX for IIS websites. For those of you whom didn’t know, WiX is an MSI generator. You can even deploy IIS applications with WiX’s MSI’s.
Warning: I suck at wix
Now I am going to start of by saying, I am far from an expert on wix.
If someone knows a better way please comment below. Tell me I am wrong
Danger: Some WiX Knowledge Required
Ok so before I go on, I am not going to explain everything from scratch.
I’m assuming you might know the basics of WiX here, and you have done iis things with it.
Show me Teh Codez…
Ok here it goes…In your fragment that declares your website you need to declare a binary. This says basically bundle the binary code from this file into the msi. This can go right under your fragment tag. The sourceFile tag should be the path to your certificate.
Ok…So I’m hoping you know how the iis stuff with wix works if you have read up to this point (and heeded my warnings)
When you go to declare your component the iis certificate declaration needs to be a child of the component tag. The certificate needs to be the same level as your website tag.
The binary key in the certificate tag needs to match the ID of the binary tag we declared. I like to add it to local machine, personal store. Request must be no. Obviously the PFXPassword needs to be the password to your pfx file.
Ok so now we have our certificate declared in IIS. We need to bind against it. So you will probably end up with something like the following:
You have declared a website, in it you have added 2 web addresses. A web address that is on port 443, and is secure. Another one that is on 80, and is not. You will have declared a certificate reference that matches your iis certificate tag.
So I know there has to be a better way here. I’m not sure how to configure IIS to do this with wix. However according to Stack Overflow you could redirect on begin request in MVC4+ (or you could do the following in NancyFX).