One task you’ll need to perform, sooner or later, is change or update the SSL certificate that a specific Application is using. Here’s how:
First, import the new SSL certificate (complete with private key) into the Computer’s Personal store.
Next, you’ll need the thumbprint of that certificate. Sure, you could copy it from the certificate details in the GUI, and delete all the spaces and convert all the letters to uppercase, but, since we’re going to need to be PowerShell anyway, we might as well use it to get the info we need:
Get-ChildItem -Path cert:LocalMachineMy | select Subject, FriendlyName, Thumbprint
You should get a nice, easy to read, list of the certs in the Computer’s Personal store. If the Subject or Friendly name are appropriately descriptive you should be find your cert. Copy the conveniently formatted Thumbprint.
Now, get your Web Application Proxy Application and set the new certificate:
Get-WebApplicationProxyApplication -Name <AppName> | Set-WebApplicationProxyApplication -ExternalCertificateThumbprint <Thumbprint>
Shane Skriletz, PEI