tag:help.appveyor.com,2012-11-13:/discussions/questions/976-is-there-an-appveyor-self-signed-trusted-certificate-on-the-build-vm-for-testing-sslAppVeyor: Discussion 2015-02-16T23:58:03Ztag:help.appveyor.com,2012-11-13:Comment/360366612015-02-13T00:49:03Z2015-02-13T00:49:03ZIs there an AppVeyor Self Signed Trusted Certificate on the build VM for testing SSL<div><p>I'm currently setting up integration tests for a web site and I
want to test it works over SSL (actually I want to test the site
enforces SSL).</p>
<p>I've been researching how to automate the addition of a self
signed certificate, which is relatively simple using the following
PowerShell script (using <a href=
"http://stackoverflow.com/a/22993634">this</a> SO answer).</p>
<pre>
<code>Import-Module WebAdministration
Set-Location IIS:\SslBindings
New-WebBinding -Name "Default Web Site" -IP "*" -Port 443 -Protocol https
$c = New-SelfSignedCertificate -DnsName "myexample.com" -CertStoreLocation cert:\LocalMachine\My
$c | New-Item 0.0.0.0!443</code>
</pre>
<p>Unfortunately the certificate is not trusted by a .net client
(testing the Web API components) or a browser (selenium to test the
pages).</p>
<p>I think I can eventually solve this, by further scripting, but I
was wondering if there could be an <em>out-of-the-box</em>
solution, whereby the build VM comes with a ready made trusted self
signed root certificate, that can be used in the site bindings
specified with the Deployment Agent setting
<code><artifact_name>.certificate</code> (from <a href=
"http://www.appveyor.com/docs/deployment/agent#deploying-artifact-package-as-iis-web-site">
here</a>).</p></div>James Skimmingtag:help.appveyor.com,2012-11-13:Comment/360366612015-02-13T01:42:00Z2015-02-13T01:42:00ZIs there an AppVeyor Self Signed Trusted Certificate on the build VM for testing SSL<div><p>Is it like adding generated certificate to trusted root?</p>
<p><a href=
"https://social.technet.microsoft.com/Forums/en-US/8e016573-9191-4152-8c4e-b74d739f5894/powershell-to-add-a-certificate-to-trusted-root-certification-authorities?forum=winserverpowershell">
https://social.technet.microsoft.com/Forums/en-US/8e016573-9191-415...</a></p></div>Feodor Fitsnertag:help.appveyor.com,2012-11-13:Comment/360366612015-02-13T14:44:20Z2015-02-13T14:44:20ZIs there an AppVeyor Self Signed Trusted Certificate on the build VM for testing SSL<div><p>Yeah, that's it. I've got it working now.</p>
<p>I've added an external PowerShell script
(<code>InstallSelfSignedCert.ps1</code>) which looks like this:</p>
<pre>
<code>$cert = New-SelfSignedCertificate -DnsName ("localtest.me","*.localtest.me") -CertStoreLocation cert:\LocalMachine\My
$rootStore = Get-Item cert:\LocalMachine\Root
$rootStore.Open("ReadWrite")
$rootStore.Add($cert)
$rootStore.Close();
Import-Module WebAdministration
Set-Location IIS:\SslBindings
New-WebBinding -Name "Default Web Site" -IP "*" -Port 443 -Protocol https
$cert | New-Item 0.0.0.0!443</code>
</pre>
<p>I'm manually adding the site binding, as when I tried with the
Deployment Agent settings, it failed to locate the certificate, as
it has no name and I don't know the thumbprint.</p>
<p>I have to execute it as a command that executes PowerShell like
this yml:</p>
<pre>
<code>before_deploy: PowerShell .\InstallSelfSignedCert.ps1</code>
</pre>
<p>If in-line the PowerShell script into the yml, or execute it
like this:</p>
<pre>
<code>before_deploy:
- ps: .\InstallSelfSignedCert.ps1</code>
</pre>
<p>I get the this error in the build after the scrip executes
<code>Unable to create a new user process.</code></p>
<p>If you want more info on the <code>Unable to create a new user
process.</code> problem let me know, but I have an perfectly
workable solution that i'm happy with so it's no biggie.</p></div>James Skimmingtag:help.appveyor.com,2012-11-13:Comment/360366612015-02-14T01:48:59Z2015-02-14T01:48:59ZIs there an AppVeyor Self Signed Trusted Certificate on the build VM for testing SSL<div><p>Brilliant! Thanks for the great solution - it's worth adding to
docs for future generations :)</p>
<p>Regarding "unable to create a new user process" - I'm just
wondering the line where it comes from.</p></div>Feodor Fitsnertag:help.appveyor.com,2012-11-13:Comment/360366612015-02-14T01:52:05Z2015-02-14T01:52:05ZIs there an AppVeyor Self Signed Trusted Certificate on the build VM for testing SSL<div><p>I've added your solution here: <a href=
"http://www.appveyor.com/docs/deployment/local#installing-self-signed-ssl-certificate-to-a-website">
http://www.appveyor.com/docs/deployment/local#installing-self-signe...</a></p>
<p>Feel free to send PR if you'd like to update it.</p></div>Feodor Fitsner