Hi Support,
Today we encountered a bug on the template “IIS Website - Delete” (version 8).
We have many sites running SSL on a wildcard certificate which are not configured using SNI (Server Name Indication in IIS). IIS will create the ssl-certificate-binding on IP 0.0.0.0 and assigns all the website names to it.
When removing any site the template step removes the default binding because the website name is listed and makes all other sites lose their certificate reference.
I’ve tracked it down to this piece of code:
Execute-WithRetry {
Write-Output "Removing SSL Bindings..."
**Get-Item 'IIS:\SslBindings\' | Get-ChildItem | select $_.Sites | Where-Object { $_.Sites -contains $webSiteName } | Remove-Item**
Write-Output "Removing Web Bindings..."
Get-WebBinding -Name $webSiteName | Remove-WebBinding
Write-Output "Removing web site..."
Remove-WebSite $webSiteName
}
There is no check if the website name is the only one on the binding!
If there are others it should not remove it, or leave the default binding intact as a whole.
As a suggestion, my adjustment will skip the default binding as a whole, but checking if the deleted website is the last on the site-collection and only then delete the binding could also work:
Execute-WithRetry {
$binds = @(Get-Item 'IIS:\SslBindings\' | Get-ChildItem | select $_.Sites | Where-Object { ($_.Sites -contains $webSiteName) -and ($_.Hostname -ne $null)})
if ($binds.Count -gt 0) {
Write-Output "Removing SSL Bindings..."
$binds | Remove-Item
}
Write-Output "Removing Web Bindings..."
Get-WebBinding -Name $webSiteName | Remove-WebBinding
Write-Output "Removing web site..."
Remove-WebSite $webSiteName
}
Can you check this step template and publish a new version?