How to Automate SSL Renewals for ScreenConnect on Windows

Asked By CuriousCoder42 On

Hey folks! I'm looking for some solid advice on automating SSL renewals for my ScreenConnect server. Here's a bit about my setup:

- I'm hosting ScreenConnect on a Windows Server that's running in AWS.
- Currently, I manually purchase a new SSL certificate each year and then I manually install and bind that certificate.

My goal is to eliminate the yearly manual work and have renewals happen automatically with minimal involvement. I'm interested in recommendations that would work well in my environment and would love step-by-step guidance for setup.

Here are a few specific questions I have:

- What approach is best for ScreenConnect on Windows in an AWS environment?
- Should I go for Let's Encrypt, AWS Certificate Manager, ACME, or something else entirely?
- Are there tools or scripts you use to automatically renew and re-bind the certificate for ScreenConnect?
- What's the best way to handle binding without causing access issues during renewals?
- Any potential pitfalls specific to using ScreenConnect on Windows Server?

If anyone here has successfully set up a similar system, I would be super grateful for a practical walkthrough. Thanks a lot!

4 Answers

Answered By ScriptNinja88 On

If you're using Let's Encrypt, I usually handle the renewal myself. However, I recently tried using 'certifytheweb' to automate cert creation, which just needs a scheduled task in PowerShell:

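```powershell
# Hostname on the certificate issued for the ScreenConnect server
$hostname = 'x.x.com'
# Thumbprint of the matching certificate in LocalMachine\My with the latest expiry date
$certhash = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -eq "CN=$hostname" } | Sort-Object NotAfter | Select-Object -Last 1 -ExpandProperty Thumbprint

# Point the existing 0.0.0.0:443 HTTP.sys binding at that certificate
netsh http update sslcert ipport=0.0.0.0:443 certhash=$certhash appid='{00000000-0000-0000-0000-000000000000}'
```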

This setup seems to work well for me! Just a heads up, the 'certifytheweb' tool isn't free for business use.
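
A more defensive version of the rebind step for a scheduled task, added here as an example and not part of the original answer: it rebinds only when a currently valid certificate with a private key exists and differs from the one already bound. It assumes an SSL binding already exists on `0.0.0.0:443`, that the certificate subject is exactly `CN=<hostname>` as in the answer, and that `netsh` output is in English; the variable names are illustrative.

```powershell
# Added example: validate the renewed certificate, then rebind only if it changed.
$HostName = 'x.x.com'        # placeholder hostname, as in the answer above
$IpPort   = '0.0.0.0:443'
$now      = Get-Date

# Newest certificate for the host that is valid right now and has a private key.
# A renewal that imported only the public certificate would break TLS if bound.
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object {
        $_.Subject -eq "CN=$HostName" -and
        $_.HasPrivateKey -and
        $_.NotBefore -le $now -and
        $_.NotAfter  -gt $now
    } |
    Sort-Object NotAfter |
    Select-Object -Last 1

if (-not $cert) {
    throw "No valid certificate with a private key for CN=$HostName in LocalMachine\My"
}
$thumb = $cert.Thumbprint

# Read the current binding (assumption: English-language netsh output).
$current = (netsh http show sslcert ipport=$IpPort) -join "`n"
if ($current -notmatch 'Certificate Hash\s*:\s*([0-9A-Fa-f]+)') {
    throw "No existing SSL binding found on $IpPort; create it once by hand first."
}
$boundHash = $Matches[1]
if ($current -notmatch 'Application ID\s*:\s*(\{[0-9A-Fa-f-]+\})') {
    throw "Could not read the Application ID of the binding on $IpPort"
}
$appId = $Matches[1]

if ($boundHash -ieq $thumb) {
    Write-Output "Binding on $IpPort already uses $thumb; nothing to do."
}
else {
    # Keep the binding's existing Application ID and swap only the certificate hash.
    netsh http update sslcert ipport=$IpPort certhash=$thumb "appid=$appId"
    if ($LASTEXITCODE -ne 0) {
        throw "netsh failed to update the binding on $IpPort (exit code $LASTEXITCODE)"
    }
    Write-Output "Rebound $IpPort from $boundHash to $thumb (expires $($cert.NotAfter))"
}
```

Because the script throws on every failure path, the scheduled task's last-run result can be monitored to catch a renewal that did not produce a usable certificate before the bound one expires.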

Answered By TechSavvyJoe On

Honestly, I don't think ConnectWise will make this easy for you since it might push you to use their paid platform. Their system architecture isn't very modern, so you might end up having to create a hacky solution that could break when they change their code. It's a shame because ScreenConnect has potential, but their business model doesn't seem to favor ease of use.

Answered By SysAdminPro On

You really should just be using 'acme-win'. If you're on AWS, you should know how to handle these basic sysadmin tasks!

Answered By DevGuru99 On

You might want to check out 'simple-acme'; it could be just what you need!
