Siguiendo lo que describen aqui.
Con el enfoque original (asociar certificado con IP y puerto) llega un momento en que se intenta “sobreescribir” la asociaciĆ³n de certificados con ips. Este enfoque no sirve para webservers con varios sites. Haciendolo de esta otra forma (asociando hostname:ip con certificado) podemos tener tantos sites y hostnames como sea necesario.
diff /usr/local/lib/python2.7/dist-packages/ansible/modules/windows/win_iis_webbinding.ps1 /home/psf/prov/ansible/lib/ansible/modules/windows/win_iis_webbinding.ps1 24d23 < 68,69c67 < # "sslFlags" = $args[0].sslFlags < "sslFlags" = '1' --- > "sslFlags" = $args[0].sslFlags 91c89 < New-WebBinding @binding_parameters -Force -SslFlags 1 --- > New-WebBinding @binding_parameters -Force 106,110d103 < $host_header = $binding_parameters["HostHeader"] < if(!$host_header) { < $host_header = "" < } < 113,122c106,109 < $result.host_header = $host_header < $result.certificatehash = $certificateHash < $result.certificatestorename = $certificateStoreName < < < $guid = [guid]::NewGuid().ToString("B") < netsh http add sslcert hostnameport="$($host_header):$($port)" certhash="$certificateHash" certstorename="$certificateStoreName" appid="$guid" < # Push-Location IIS:\SslBindings\ < # Get-Item Cert:\LocalMachine\$certificateStoreName\$certificateHash | New-Item "$($ip)!$($port)!$($host_header)" < # Pop-Location --- > > Push-Location IIS:\SslBindings\ > Get-Item Cert:\LocalMachine\$certificateStoreName\$certificateHash | New-Item "$($ip)!$($port)" > Pop-Location
…