How to install Sitecore 9 with existing SSL certificate

You probably installed already Sitecore 9 on your environments following different blogs with necessary clarifications.

But, might happen that you already have a SSL certificate for your environments.

The affected places are:

  1. Installation of SolR
  2. Installation of Sitecore 9 itself

One of the places where SSL it’s needed its on the SolR instance. So by following the instructions from Jeremy Davis on this blog post I’ve adjusted his script in order to use an already existing certificate, where I’ve introduced a new variable

$solrNameSSL = "MySSLFriendlyName"

And then used this new variable $solrNameSSL in all places that have references to SSL instead of $solrName and adjusted the place where the code is searching for the certificate Cert:\Localmachine\My not only Cert:\Localmachine\Root.

The result script is here, but please do not forget to adjust necessary variables :

In the installation script of Sitecore 9 itself, some changes are required in order to use the already installed certificate.
One of the standard steps is to install a client certificate for xconnect, and that one has to be removed or at least commented out. This step usually looks like this:

#install client certificate for xconnect 
$certParams = @{     
	Path = "$PSScriptRoot\xconnect-createcert.json"     
	CertificateName = "$prefix.xconnect_client" 
Install-SitecoreConfiguration @certParams -Verbose 

I recommend to comment out only this line
Install-SitecoreConfiguration @certParams -Verbose
and in the  variable CertificateName that is defined above to put your certificate friendly name or the certificate thumbprint.

This will cover the client authentication certificate and next will be to make necessary changes for the server authentication certificate. The parameter that is called SSLCert has to be added in script part that deploys the xconnect instance, as follows:

#deploy xconnect instance
$xconnectParams = @{
 Path = "$PSScriptRoot\xconnect-xp0.json"
 Package = "$PSScriptRoot\Sitecore 9.0.0 rev. 171002
 LicenseFile = "$PSScriptRoot\license.xml"
 Sitename = $XConnectCollectionService
 XConnectCert = $certParams.CertificateName
 SSLCert = $certParams.CertificateName
 SqlDbPrefix = $prefix
 SqlServer = $SqlServer
 SqlAdminUser = $SqlAdminUser
 SqlAdminPassword = $SqlAdminPassword
 SolrCorePrefix = $prefix
 SolrURL = $SolrUrl
Install-SitecoreConfiguration @xconnectParams

That is needed because if is not provided a certificate will be generated automatically to be used use for the HTTPS web bindings of the xconnect website.

In the Oficial Installation guide in chapter 4.1 and chapter 8.1.1 there is more information about SSL requirements and where and how it’s used.


By Sebastian Tecsi

Sitecore MVP 2018, 2019, 2020
Sitecore Architect

1 reply on “How to install Sitecore 9 with existing SSL certificate”

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.