Provide feedback
Saved searches
Use saved searches to filter your results more quickly
Sign up
Appearance settings
In a previous post we covered using the System Preparation Tool to convert a VM into a VM Template in XenServer. Once we have used this template to create a new VM, it’s time to set it up as an IIS web server to host some ASP.Net MVC applications.
Revisiting the Basics
Network Settings
When creating a new VM from the template the network settings in the template will also be copied. If it was set to DHCP that will be fine but if the template had a static IP, you should change the IP address to a different one now so that you don’t run into an IP conflict (ie. Two machines on the network using the same IP address).
– start powershell
– sconfig
– Select 
Network Settings
– Select the relevant Network Adapter from the list
– Select 1) Set Network Adapter Address
– Enter S for (S)tatics
– Enter the static IP address
– Enter the subnet mask
– Enter the default gateway
– If required select 2) Set DNS Servers
Advanced Networking
In some cases you may need to get a little more fancy with your networking. For example you may need to set your default gateway to a gateway router that can get your traffic out to the Internet, but you have a backend gateway router that handles communication to IP addresses on your private LAN. In this case you can use the route command to tell Windows to send traffic out through different gateway routers.
– route print will show current routes, note the current default gateway route (0.0.0.0)
– route add 10.0.0.0 mask 255.0.0.0 10.x.x.x -p will send all traffic destined for IP addresses in the 10.0.0.0/8 subnet (ie. Any address starting with ’10.’) out through the 10.x.x.x IP address (backend gateway router). The -p signifies that the route will be persistent and therefore will stick around after a reboot.
– route print will now show your new persistent route both in the Active Routes section and below that under Persistent Routes.
Now that you have this route to the private LAN in place, you can change the default gateway address to the ‘Internet’ gateway server without loosing access to your server over the private LAN. This can be done by reconfiguring the network settings again using sconfig or by simply deleting the default route and adding another one.
– route delete 0.0.0.0
– route add 0.0.0.0 mask 0.0.0.0 10.y.y.y -p will send all traffic destined for an IP that can’t be handled by a more specific route out via the 10.y.y.y router. In this case you would replace the 10.y.y.y with the IP address of your Internet gateway router.
Enable Echo Requests (pings)
This step is optional but if you are going to monitor your server with something like Nagios you probably want to make sure it is online. This will enable the default rule to allow inbound IPv4 pings.
– Set-NetFirewallRule -Name FPS-ICMP4-ERQ-In -Enabled True
Checking Internet Access
Many websites rely on web based resources (API’s etc). Now would be a good time to check that your new server has Internet access (unless you are purposely restricting it).
– Invoke-WebRequest https://google.com -UseBasicParsing
This will show a big red error if it can’t hit Google, or a 200 status code if it can.
Join an Active Directory Domain
If you need to join your server to a domain to make management easier, follow these steps otherwise continue on to the next section to install IIS.
– sconfig
– Select 2) Computer Name
– Set the new computer name and reboot the server
– After the reboot completes, log in again with the Administrator user
– sconfig
– Select 1) Domain/WorkGroup
– Type D for (D)omain
– Enter the name of the domain you wish to join and the relevant administrator credentials
– You will be prompted to change the computer name again, click No as we have already done this.
– Click Yes on the Restart prompt
– After rebooting users should be able to login with your domain credentials.
Switching users on the Server Core login screen
If you are using Remote Desktop you should have a normal sign in experience but if you are still looking at the server’s console with just a CMD window on screen, it may not be immediately obvious how to switch users to log in with your domain credentials instead of the default administrator account. Here’s how:
– To change users hit the ESC at the LoginUI.exe screen
– This will present another sign-on options screen, hit ESC again
– Select Other User
– Enter your domain credentials and log in.
Installing the Web Server Role
Powershell comes with some very useful tools for managing the Window Features that are installed on a server
– start powershell to open a powershell window
– Install-WindowsFeature -Name Web-Server -Confirm will install IIS.
– Get-WindowsFeature will show you a list of all available features and show which are installed.
At this point you should have a base install of IIS running the default website on port 80. If you open a browser and type in the IP address of the server you should see the default IIS website.
Install ASP.NET Support
Install-WindowsFeature -Name Web-Asp-Net45, Web-Net-Ext45 -Confirm
Installing IIS Diagnostic, Performance and Security Goodies
Install-WindowsFeature -Name Web-Custom-Logging, Web-Log-Libraries, Web-Request-Monitor, Web-Http-Tracing -ConfirmInstall-WindowsFeature -Name Web-Performance -IncludeAllSubFeature -ConfirmInstall-WindowsFeature -Name Web-Security -IncludeAllSubFeature -Confirm
Installing and Enabling Remote Management for IIS
This will allow us to use the IIS Manager window on another computer to manage our server. Even though we’re installing this now, I won’t be using it to configure the server in the interest of trying to do as much as possible via powershell. The idea is to script all of the server setup so that it can be entirely automated.
– Install-WindowsFeature -Name Web-Mgmt-Service -Confirm
– Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\WebManagement\Server\ -Name EnableRemoteManagement -Value 1
– Set-Service -Name WMSvc -StartupType Automatic
– Start-Service -Name WMSvc
Note: You will need to install the IIS Manager on the machine that you will be using to manage the server/s. To do this, run:
–Install-WindowsFeature -Name Web-Mgmt-Tools -Confirm
Website File Structure
The default directory for storing website files for IIS is C:\inetpub\wwwroot. When configuring your websites though you can put the files wherever you like. To make things simpler if you want to sync your website files between multiple web servers or apply special permissions etc, I find it best to store files in a seperate folder.
To keep things organise when hosting multiple websites across multiple domains I like to organise the content on my IIS servers in the following folder structure:
C:
|_WebFarmFiles
|_Content
|_domain1.com
|_subdomain1
|_project1
|_blah.aspx
|_project2
|_subdomain2
|_domain2.com
|_subdomain1
So if you have a site that will live at the URL http://subdomain1.domain1.com/project1/blah.aspx then blah.aspx would be saved to the C:\WebFarmFiles\Content\domain1.com\subdomain1\project1\ folder.
This setup may look a little confusing at first but it will make sense if/when you need to host multiple sites and quickly find things. Of course your system of organising files may vary and it is, of course, personal preference.
New-Item -ItemType Directory C:\WebFarmFiles\Content\domain1.com\subdomain1this should create all the required parent folders for us automatically.
Getting files onto the server
Create Network Share
New-SmbShare -Name WebFarmFiles -Path C:\WebFarmFiles -FullAccess "domain\group1", "domain\group2"- Copy files from another machine onto this one using the share
\\server\WebFarmFiles.
You could also use robycopy or other utilities to copy files from another network share or download files from github etc.
Set up your first Website
Let’s say we copied some files to \\server\WebFarmFiles\Content\domain1.com\subdomain1 which are intended to be accessed at the URL http://subdomain1.domain1.com. Let’s also say that we want this website to run in it’s own Application Pool so that we can manage it’s resource usage easily rather than everything running in the DefaultAppPool
Create the IIS Application Pool
New-WebAppPool -Name subdomain1.domain1.com
Associated cmdlets to explore:
–Remove-WebAppPool
–Get-WebAppPoolState | Select *
–Restart-WebAppPool -Name subdomain1.domain1.com
Change the App Pool Identity
In some cases, the process running your application may need to access files on the network with specific user permissions.
– Set-ItemProperty IIS:\AppPools\app-pool-name -name processModel -value @{userName="domain\user";password="password";identitytype=3}
Set the App Pool startMode
If your application is a big one, you may wish to set it to AlwaysRunning so that the first visitor doesn’t have to wait for it to initialise:
– Set-ItemProperty IIS:\AppPools\app-pool-name -Name startMode -Value AlwaysRunning
– Get-ItemProperty IIS:\AppPools\app-pool-name -Name startMode to check the setting.
Create the IIS WebSite
New-Website -Name subdomain1.domain1.com -ApplicationPool subdomain1.domain1.com -HostHeader subdomain1.domain1.com -PhysicalPath C:\WebFarmFiles\Content\domain1.com\subdomain1\
Associated cmdlets to explore:
–Get-Website
–Remove-WebSite -Name subdomain1.domain1.com
–Stop-Website -Name subdomain1.domain1.com
–Start-Website -Name subdomain1.domain1.com
The new website should now be running and you can access it by pointing the subdomain1.domain1.com URL at your servers IP address either just from your local machine by modifying your hosts file or by modifying the DNS records for the domain1.com domain. These methods are not covered in this article.
Adding an additional binding
In some cases you may have a need to point two different URL’s at the same website.
New-Binding -Name subdomain1.domain1.com -HostHeader subdomain1.domain3.com
In this case, the ‘Name’ of the binding relates to the WebSite it will be linked to.
Associated cmdlets to explore:
–Get-WebBinding
–Get-WebBinding | Select-Object *for a more advanced view
–Remove-WebBinding -HostHeader subdomain1.domain3.com
В данной статье мы установим и проведем базовые настройки веб-сервера IIS на сервере с операционной системой Windows Server 2012-2019.
1. Установим роль веб-сервера IIS.
Пуск (Start) — Диспетчер серверов (Server Manager)
Далее Управление (Manage) — Добавить Роли и Компоненты (Add Roles and Features)
Жмем Далее (Next)
Оставляем выбранную опцию Установка ролей или компонентов (Role-based or feature-based installation) и Далее (Next)
Выбираем локальный сервер, жмем Далее (Next)
Выбираем Веб сервер Web Server (IIS), жмем Добавить Компоненты (Add Features) и Далее (Next)
В следующем окне Далее (Next)
Далее (Next)
Выбираем для установки CGI (в разделе Application Development). Также рекомендую дополнительно установить FTP сервер, что позволит закачивать файлы на сервер с помощью FTP клиента (например FileZilla)
Далее (Next), ставим галочку для автоматического перезапуска сервера после установки роли и кнопку Install
После перезапуска сервера, IIS запустится автоматически. Но если необходимо перезапустить, достаточно выполнить команду (Пуск — Выполнить)
iisreset
или запустить
iisreset /start
Для проверки работы веб-сервера, откройте в браузере страницу http://localhost/
Корневая папка сайта по умолчанию размещена по пути
C:\inetpub\wwwroot
Но часто бывает, что на сервере необходимо разместить несколько сайтов. По этой причине, создадим тестовый сайт со своей корневой папкой.
2. Создание сайта в IIS
Вначале создадим корневую папку сайта на диске сервера. Для примера, будем использовать имя сайта domain.name
Далее в Диспетчере серверов (Server Manager) — в меню Средства (Tools) — откроем Диспетчер служб IIS (Inetnet Information Services (IIS) Manager)
В окне Диспетчера служб IIS необходимо открыть меню сервера — Сайты (Sites) — правой кнопкой мышки — Добавить веб-сайт… (Add Website…)
Заполним указанные на скриншоте обязательные поля
Имя сайта (Site name) — произвольное название сайта.
Физический путь (Physical path) — путь к корневой папке сайта.
Тип (Type) — тип протоколв (http или https). Для начальнйо настройки сайта будет достаточно http протокола.
Имя узла (Host name) — доменное имя сайта.
Жмем кнопку Ок и видим, что в списке сайтов, кроме сайта по умолчанию, добавился наш, только что созданный сайт.
Чтобы проверить работу сайта, создадим в его корневой директории файл с именем index.html и скопируйте в этот файл такое содержимое
<html>
<body>
Тело страницы: Test HTML page
</body>
</html>
Примечание: файл index.html можно открыть программой Блокнот или другим текстовым редактором.
Откройте в браузере страницу своего сайта (в нашем примере это domain.name) и увидите такую страницу.
3. Интеграция IIS и PHP
Перед выполнением этого пункта, необходимо установить на сервере PHP. Для этого воспользуйтесь статьей: Как установить и настроить PHP на Windows Server
Чтобы веб-сервер мог успешно обрабатывать php запросы, необходимо выполнить интеграцию IIS и PHP. Для этого в Модуле IIS перейдите в меню нашего сайта и откройте Отображение обработчика (Handler Mappings)
в списке Действий (Action) которого есть пункт меню «Добавить модульный обработчик» (Add Module Mapping). Заполните форму как на скриншоте и нажмите кнопку «Запрос ограничения» (Request Restrictions…)
Выберите вариант «Файл или папка» (File or folder)
Нажмите ОК, потом снова ОК на форме модульного обработчика и подтвердите создание действия
В списке обработчиков должен появиться только что созданный:
Теперь добавим настройку на уровне веб-сервера, чтобы файл index.php открывался в качестве страницы по умолчанию.
Для этого в меню сервера (а не сайта) открываем «Документ по умолчанию» (Default document),
выбираем в списке действий «Добавить» (Add), заполняем поле Имя (Name) значением index.php и жмем ОК
Полученный результат
Для применения всех настроек необходимо перезапустить веб сервер. Для этого остановим его
и запустим
Интеграция веб-сервера с PHP настроена.
Давайте проверим работу PHP скрипта. Для этого в корневой папке сайта создадим файл с именем index.php, откроем его в блокноте и добавим такое содержимое
<?php
phpinfo();
?>
Сохраним файл и обновим в браузере сайт «http://domain.name/»
Должна отобразиться такая страница
Это значит, что PHP скрипты успешно обрабатываются веб-сервером.
В данной статье мы научились устанавливать на Windows Server 2012-2019 веб-сервер IIS, выполнять первоначальные настройки, интегрировать с установленным ранее PHP и создавать отдельный сайт в IIS Manager.
Recently, I’ve found myself in the position of having to host an application on Windows Server. Having never managed a Windows Server before, I struggled to find relevant information, especially since most of it is written for a Windows Server with installed UI, and the default image on Azure is a Core image, without UI. This is mostly documentation for myself, but maybe you find it helpful too.
This is a cross-post from my personal blog.
Introduction
This is a step by step introduction of how to host an Asp.Net Core application on Windows Server Core with IIS (Internet Information Server).
We will cover how to set up IIS, how to configure it, how to deploy to it with Web Deploy in Visual Studio and securing connections to that application with https.
I’m using a virtual machine from Azure, which provides a nice UI for managing firewall rules. That is probably very different for you, so I’ll just say which ports have to be open, and not cover how to do that.
Setting up the Server
After logging in on the server, you are greeted by a command prompt. Since most commands we will use are PowerShell commands, we have to start it.
Just enter powershell and execute it. After that you should see a PS in front of the prompt.
Now IIS has to be installed. This is done with this command:
Install-WindowsFeature Web-Server
Enter fullscreen mode
Exit fullscreen mode
While installing, PowerShell shows a nice little progress bar:
Enabling Remote Management
Per default, the server does not allow remote management. It has to be enabled by installing the Web-Mgmt-Service and setting the registry entry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WebManagement\Server\EnableRemoteManagement to 1.
Keep in mind that the registry key is only available after Web-Mgmt-Service is installed.
Install-WindowsFeature Web-Mgmt-Service
Enter fullscreen mode
Exit fullscreen mode
Set-ItemProperty -Path Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WebManagement\Server -Name EnableRemoteManagement -Value 1
Enter fullscreen mode
Exit fullscreen mode
After executing those commands restart the web server so that the changes take effect:
net stop was /y
net start w3svc
Enter fullscreen mode
Exit fullscreen mode
Also start the Web Management Service, otherwise you won’t be able to connect to it.
net start wmsvc
Enter fullscreen mode
Exit fullscreen mode
Note: IIS Manager connects via port 8172, so make sure it is open on your server.
Enabling Management on your Windows 10 Device
To remotly manage an IIS server, the IIS Manager has to be installed on your device. This can be done in Control Panel -> Programs -> Programs and Features -> Turn Windows features on or off. Activating IIS Management Console is sufficient, IIS itself does not have to be installed.
Out of the box IIS Manager cannot manage remote servers. That features has to be added with IIS Manager for Remote Administration. You can download it here.
After it is installed, IIS Manager will have the menus enabled to connect to a remote IIS.
Now the connection to the remote IIS can be added. Just go to File -> Connect to a Server and fill out the required information.
Note: If you can’t connect, most likely the Port 8172 is not open, or the Web Management Service is not started. Do that with
net start wmsvc
Enter fullscreen mode
Exit fullscreen mode
Configuring IIS to host Asp.Net Core Applications
By default IIS cannot host Asp.Net Core applications. The Asp.Net Core Module is needed for that, which is installed with the .NET Core Windows Server Hosting bundle.
1) Go to the .Net all downloads page
2) Select the .Net Core runtime you need
3) Download Server Hosting Installer (this is just to copy the download url, we need it on the server, not locally)
4) Copy the download url
5) Download the installer on the server with the command
Invoke-WebRequest https://download.microsoft.com/download/8/D/A/8DA04DA7-565B-4372-BBCE-D44C7809A467/DotNetCore.2.0.6-1-WindowsHosting.exe -OutFile C:\Users\YourUsername\Downloads\DotNetCore.2.0.6-1-WindowsHosting.exe
#This is the download url for the latest non-preview runtime at the time of writing (2.0.6).
Enter fullscreen mode
Exit fullscreen mode
6) Execute the installer
C:\Users\YourUsername\Downloads\DotNetCore.2.0.6-1-WindowsHosting.exe
Enter fullscreen mode
Exit fullscreen mode
Now, this is what was really surprising for me. The installer executes with a UI, the same as on any Windows. Being on a Core installation, I thought there would be absolutely no UI, but I was wrong.
This also opens the interesting option to install Chrome and download all necessary files with it.
Restart the web server so that the changes take effect:
net stop was /y
net start w3svc
Enter fullscreen mode
Exit fullscreen mode
Preparing IIS for Web Deploy
Since this is a small project, the most convenient deploy option is Web Deploy directly in Visual Studio.
As with almost everything else, this is not supported out of the box, but can be added.
Web Deploy can be downloaded from the Microsoft Download Center.
Use the same process outlined above, or Chrome, your choice 
Invoke-WebRequest https://download.microsoft.com/download/0/1/D/01DC28EA-638C-4A22-A57B-4CEF97755C6C/WebDeploy_amd64_en-US.msi -OutFile C:\Users\dominik\Downloads\WebDeploy_amd64_en-US.msi
#This is the download url for the latest Web Deploy at the time of writing (3.6).
Enter fullscreen mode
Exit fullscreen mode
Also execute that installer
C:\Users\dominik\Downloads\WebDeploy_amd64_en-US.msi
Enter fullscreen mode
Exit fullscreen mode
Note: I’ve read somewhere that all features have to be installed, and that the installer’s Complete option does not actually install everything. So just select Custom and make sure to that all features are enabled.
Deploying an Asp.Net Core Application
Now we are finally ready to publish the application. Well, almost. A publish profile has to be created first.
1) Right-click on the Asp.Net Core application in the Solution Explorer
2) Select Publish
3) Click on Create new Profile
4) Select IIS, FPT, etc.
5) Select Create Profile where by default Publish is entered
6) Enter the required information
— Site name is either Default Web Site, or, if you created a different one in IIS, the name of that one.
7) Click Validate Connection to check if everything was entered correctly
If it was, click Save
9) Select the created profile
10) Click Publish and watch the magic happen
Configuring SSL
We’ve achieved what we wanted, hosting the application. Now there is only one step left: securing it with SSL. Don’t worry, it’s not difficult, I promise.
There is a great project out there, called Windows ACME Simple, which makes this process really simple.
1) Download the latest release (you can get the download link from the release page of the Github project)
Invoke-WebRequest https://github.com/PKISharp/win-acme/releases/download/v1.9.10.1/win-acme.v1.9.10.1.zip -OutFile C:\Users\dominik\Downloads\win-acme.v1.9.10.1.zip
#This is the download url for the latest version at the time of writing (1.9.10.1).
Enter fullscreen mode
Exit fullscreen mode
2) If this fails with the message The request was aborted: Could not create SSL/TLS secure channel., try execute [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 beforehand (from StackOverflow).
3) Extract the zip file
Expand-Archive C:\Users\dominik\Downloads\win-acme.v1.9.10.1.zip -DestinationPath C:\Users\dominik\Downloads\win-acme.v1.9.10.1
Enter fullscreen mode
Exit fullscreen mode
4) Execute letsencrypt.exe
C:\Users\dominik\Downloads\win-acme.v1.9.10.1\letsencrypt.exe
Enter fullscreen mode
Exit fullscreen mode
5) Select N to create a new certificate in simple mode
6) Select 1 to create a single binding of an IIS site
7) Now you should see a selection of sites you have configured. Select the site you want to secure
After you’ve added an email address and agreed to the subscriber agreement, it does its magic
9) If all goes well, your site is now encrypted and you can quit Windows ACME Simple (Q)
Closing
That’s it. The application is now fully set up. I hope this walkthrough helped you as much as it undoubtedly will help me in the future, the next time I have to set up a Windows Server.
Resources
- Introducing Windows Server, version 1709
- Manage a Server Core server
- Configure an IIS Server Core server for remote management
- Host ASP.NET Core on Windows with IIS
Follow me on Twitter for more of my thoughts, articles, projects and work.
You can also follow these steps to install Internet Information Services (IIS) Manager on a Windows Server Core edition, to locally or remotely manage hosted websites. This post also shows how to install IIS Web Management Service (WMSVC) on Server Core using PowerShell.
You must have a computer with Windows 11/10 and .NET Framework version 4.0 or higher available to install IIS Manager. Certain tasks require administrator privileges. The installation is twofold, but first: What is Internet Information Services (IIS) Manager? IIS Manager is also called InetMgr.
About Internet Information Services (IIS) Manager for Remote Administration
Internet Information Services (IIS) Manager for Remote Administration provides end users and administrators with the ability to securely manage remote IIS servers (version 7 and above) from Windows clients (XP and above). A Web server administrator can perform almost all IIS administrative tasks while site owners and developers that have been delegated administrative privileges can use IIS Manager for Remote Administration to make allowed changes to the remote Web server. IIS Manager for Remote offers the same user interface available on Windows Server to ensure a more consistent experience when managing and configuring the Web server.
iis.net — IIS Manager for Remote Administration 1.2
How to install IIS Remote Management using PowerShell in Windows Server Core
Install Internet Services Management Console
To install the Internet Services Management Console, you must have .NET Framework 4.0 or higher installed on your computer.
- First you must install the Internet Services Management Console through your Control Panel: Programs → Turn Windows features on or off → Internet Information Services → Web Management Tools → IIS Management Console. Check this and click OK.
- Next, download and install IIS Manager for Remote Administration 1.2. Select the appropriate version for your Windows version (e.g
inetmgr_amd64_en-US.msi):
Start-Process msiexec.exe -ArgumentList "/i inetmgr_amd64_en-US.msi /passive"
IIS Manager for Remote Administration is an administration tool that provides end users and administrators with the ability to remotely manage IIS servers of version 7.0 and above
IIS Manager for Remote Administration 1.2 download
If you have accidentally installed Internet Information Services (IIS) completely you can easily remove IIS using PowerShell.
Start and use Internet Information Services (IIS) Manager in Windows 11 and Windows 10
In Windows, to start the desktop app Internet Information Services (IIS) Manager: click the Start button, and type (search for) inetmgr. Or Internet Information Services. The full executable path is C:\Windows\System32\inetsrv\InetMgr.exe.
Inetmgr
InetMgr.exe is an executable file to launch the Internet Information Services (IIS) Manager application in Windows 11/10.
Connect IIS Manager to your website
Substitute example.nl with your own website information and credentials. Start Internet Information Services (IIS) Manager (InetMgr) app
Click File and Connect to a Site…
Fill out your website host information and credentials:
Server Name: example.nl
Site Name: example.nl
→ klik Next
User name: your username, example.nl
Password: your password *********
→ klik Next
If requested, accept the server’s certificate and click Connect:
Connection Name: Give the connection to your website an easy to remember name.
Install Dependent Features if requested. Just click OK and install untill this is done.
And you’re all set! This is it. In a next post I’ll show you some of the settings you can make and change in your website’s configuration. If you can’t connect to your site, and you are 100% sure about the login credentials, then perhaps you need to make a Windows registry change.
Convert .htaccess to web.config
Could not connect to the specified computer
When Internet Information Services (IIS) Manager reports the following error:
Could not connect to the specified computer
Details: the underlying connection was closed: An unexpected error occurred on a send.
It is likely the webserver you are trying to connect to uses a newer version of the TLS protocol. Probably TLS 1.2 or even TLS 1.3. Since IIS Manager uses the .NET Framework in the background, you need to make sure you connect with the highest possible TLS version. Add the following registry SchUseStrongCrypto and SystemDefaultTlsVersions keys and values:
#
# Transport Layer Security (TLS) best practices with the .NET Framework
# Set the SchUseStrongCrypto and SystemDefaultTlsVersions registry keys
#
New-ItemProperty "hklm:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319" -Name SchUseStrongCrypto -Value 1 -PropertyType DWord
New-ItemProperty "hklm:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319" -Name SystemDefaultTlsVersions -Value 1 -PropertyType DWord
New-ItemProperty "hklm:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319" -Name SchUseStrongCrypto -Value 1 -PropertyType DWord
New-ItemProperty "hklm:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319" -Name SystemDefaultTlsVersions -Value 1 -PropertyType DWord
How to install IIS Web Management Service (WMSVC) using PowerShell in Windows Server Core
You may also need to install IIS Web Management Service (WMSVC) on Server Core, or you cannot connect with IIS Manager, this allows you to remotely manager your IIS webservers. Here I show you how to install WMSVC using PowerShell.
By default, there is no IIS Manager available on Windows Server Core. So you’ll need to install and configure IIS Web Management Service (WMSVC), which’ll allow you to manage your IIS server and web apps remotely. Here are the steps to install IIS Web Management Service (WMSVC) in Windows Server Core using PowerShell.
Install IIS Web Management Service for Remote IIS Administration and Management
- Open PowerShell as administrator
- Install the Remote Management Service
2.1.Install-WindowsFeature Web-Mgmt-Service - Update the registry to enable remote management
Set-ItemProperty HKLM:SOFTWARE\Microsoft\WebManagement\Server -Name EnableRemoteManagement -Value 1 -PropertyType DWORD -Force- for additional security, set:
Set-ItemProperty HKLM:SOFTWARE\Microsoft\WebManagement\Server -Name RequiresWindowsCredentials -Value 1 -PropertyType DWORD -Force
- Set the Web Management Service (WMSVC) to start automatically:
sc.exe config WMSVC start=autonet start WMSVC
Configure your Windows firewall, add a rule
How to add, list and remove IP addresses in Windows Firewall
You need to add a rule so you are allowed to connect. The WMSVC listens on port 8172 TCP, let’s open that one up. By service name:
netsh advfirewall firewall add rule name="IIS Remote Management" dir=in action=allow service=WMSVC
or by port number:
netsh advfirewall firewall add rule name="IIS Remote Management" dir=in action=allow protocol=TCP localport=8172