I have a network of 700 POS machines, running Windows 7 Embedded, with IIS installed. I use the IIS only for FTP functionality to send and receive files from my POS.
I am now looking to make this FTP over SSL, rather than plain text FTP. I successfully set this up in my lab, manually. Now that I am looking to deploy it to the rest of the fleet, I would love to automate it via powershell. I am pretty good with automating processes with powershell already, but I don’t have much experience with the IIS side of things.
Currently I have a script that looks like this:
path to certificate
$certPath = ‘C:\Upgrades\cert\retail.mydomain.local.pfx’
import the pfx certificate into the personal store
certutil.exe -importPFX $certPath
add the web administration module
Import-Module -Name webadministration
$defaultFTP = ‘IIS:\Sites\Default FTP Site’
set the properties to require FTP over SSL
Set-ItemProperty -Path $defaultFTP -Name ftpServer.security.ssl.controlChannelPolicy -Value 1
Set-ItemProperty -Path $defaultFTP -Name ftpServer.security.ssl.dataChannelPolicy -Value 1
This imports my cert into the personal store, and requires SSL over FTP (both data channel and control).
I am thinking that now I need to be able to tell the FTP site to use the certificate in my personal store, and set the port for the data channel (I picked 5001) in the FTP Firewall Support section.
I haven’t really been able to find what I am looking for via searching - I am hoping someone here can help point me in the right direction.