IISWebAppManagementOnMachineGroupV0 can't detect existing SSL bindings on Server 2022
altwohill opened this issue · comments
I have the following in my yaml pipeline:
```yaml
- task: IISWebAppManagementOnMachineGroup@0
  displayName: 'Deploy base website with binding: ${{ binding }}'
  inputs:
    IISDeploymentType: 'IISWebsite'
    ActionIISWebsite: 'CreateOrUpdateWebsite'
    #... snipped
    AddBinding: true
    Protocol: 'https'
    IPAddress: '*'
    Port: 443
    ServerNameIndication: true
    HostNameWithSNI: '${{ binding }}'
```
It works the first time but fails on repeat deployments on Server 2022 machines.
The issue doesn't occur on our Server 2019 and older machines.
I think the issue is due to some additional lines in the netsh output.
Looking at
On Server 2022 the checks always fail so it tries to add a new binding, which fails with the error
```
SSL Certificate add failed, Error: 183
Cannot create a file when that file already exists.
##[error]Process 'netsh' exited with code '1'.
```
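The diagnosis above (extra lines in the netsh output breaking the existing-binding check) can be avoided by looking fields up by label instead of by line position. This is an added example, not the task's own code: the function names and the sample netsh text are constructed, and the field labels assume English-language output.

```powershell
# Added example. Field labels assume English-language netsh output, and the
# input is assumed to describe one binding, e.g. the result of
#   netsh http show sslcert hostnameport=<host>:<port>
function ConvertFrom-NetshSslCert {
    param([string[]]$Lines)
    $fields = @{}   # PowerShell hashtable keys are case-insensitive
    foreach ($line in $Lines) {
        # Split on the first " : " so the colon inside "Hostname:port" survives.
        $idx = $line.IndexOf(' : ')
        if ($idx -lt 0) { continue }          # banner, separator or blank line
        $key = $line.Substring(0, $idx).Trim()
        if ($key -and -not $fields.ContainsKey($key)) {
            $fields[$key] = $line.Substring($idx + 3).Trim()
        }
    }
    $fields
}

function Test-SslBinding {
    param([string[]]$NetshOutput, [string]$HostName, [int]$Port, [string]$Thumbprint)
    $f = ConvertFrom-NetshSslCert -Lines $NetshOutput
    [pscustomobject]@{
        # -eq on strings is case-insensitive; a missing field compares as $false
        BindingExists   = $f['Hostname:port'] -eq ('{0}:{1}' -f $HostName, $Port)
        SameCertificate = $f['Certificate Hash'] -eq $Thumbprint
    }
}

# Constructed sample output (not captured from a real server).
$sample = @'
SSL Certificate bindings:
-------------------------

    Hostname:port                : site.example.test:443
    Certificate Hash             : 0123456789abcdef0123456789abcdef01234567
    Application ID               : {00000000-0000-0000-0000-000000000000}
    Certificate Store Name       : My
'@ -split "`r?`n"
# Same record pushed down by extra leading lines (constructed), so any
# fixed line index would now point at the wrong row.
$shifted = @('(constructed extra line)', '(constructed extra line)') + $sample

foreach ($output in $sample, $shifted) {
    Test-SslBinding -NetshOutput $output -HostName 'site.example.test' -Port 443 `
        -Thumbprint '0123456789ABCDEF0123456789ABCDEF01234567'
}
```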
Just spent hours trying to figure out why the IIS web app manage task was failing. Totally broken on Server 2022.
This is still completely broken on Server 2022. Such a shame, there's a simple fix to the script (or just don't use hard-coded lines, sheesh).
I just ran into this same issue today. We have installed Windows Server 2022 to migrate sites to. This worked fine in Server 2012 R2.
+1, this is preventing us from migrating to Server 2022. No more workarounds.
Seems to still be an issue. Not really a viable workaround, but you can manually configure the cert or deploy the pipeline the first time with the cert, and then blow away the entire binding, and the task shouldn't remove it afterwards, so that code deploys and application updates still function but the binds or certs will not. Just in case you are stuck on 2022 for whatever reason.
+1, this is preventing us from migrating to Server 2022.
Hi, we're working on it.