diff --git a/ACMESharp/ACMESharp.Providers.IIS/IisHelper.cs b/ACMESharp/ACMESharp.Providers.IIS/IisHelper.cs index d2c1596a..73563210 100644 --- a/ACMESharp/ACMESharp.Providers.IIS/IisHelper.cs +++ b/ACMESharp/ACMESharp.Providers.IIS/IisHelper.cs @@ -94,7 +94,7 @@ public static IEnumerable ListWebSitesBindings() } } - public static void UpdateSiteBinding(IisWebSiteBinding binding, string certStore, byte[] certHash) + public static void UpdateSiteBinding(IisWebSiteBinding binding, string certStore, byte[] certHash, bool keepExistingSslFlags = false) { using (var iis = new ServerManager()) { @@ -120,10 +120,13 @@ public static void UpdateSiteBinding(IisWebSiteBinding binding, string certStore ++bindingCount; b.CertificateStoreName = certStore; b.CertificateHash = certHash; - if (binding.BindingHostRequired.GetValueOrDefault() && GetIisVersion().Major >= 8) - b.SetAttributeValue("sslFlags", 1); - else - b.SetAttributeValue("sslFlags", 3); + if (!keepExistingSslFlags) + { + if (binding.BindingHostRequired.GetValueOrDefault() && GetIisVersion().Major >= 8) + b.SetAttributeValue("sslFlags", 1); + else + b.SetAttributeValue("sslFlags", 3); + } } } diff --git a/ACMESharp/ACMESharp.Providers.IIS/IisInstaller.cs b/ACMESharp/ACMESharp.Providers.IIS/IisInstaller.cs index 6612fd13..01792b70 100644 --- a/ACMESharp/ACMESharp.Providers.IIS/IisInstaller.cs +++ b/ACMESharp/ACMESharp.Providers.IIS/IisInstaller.cs @@ -45,6 +45,9 @@ public bool? BindingHostRequired public bool Force { get; set; } + public bool KeepExistingSslFlags + { get; set; } + public string CertificateFriendlyName { get; set; } @@ -82,7 +85,7 @@ public void Install(PrivateKey pk, Crt crt, IEnumerable chain, IPkiTool cp) { if (BindingHostRequired.HasValue) oldBinding.BindingHostRequired = BindingHostRequired; - IisHelper.UpdateSiteBinding(oldBinding, certStore, certHash); + IisHelper.UpdateSiteBinding(oldBinding, certStore, certHash, keepExistingSslFlags: KeepExistingSslFlags); } } else