How to use Let’s Encrypt certificates for Windows Admin Center by Bas Wijdenes

Let’s Encrypt and WAC.

In my previous post I wrote about installing Let’s encrypt certificates on Windows. I gave the example that you can use a Let’s encrypt certificate for the Windows Admin Center.

In this blog post I will also show you how to use Let’s Encrypt for WAC.

During the installation you will be asked for the thumbprint. Unfortunately this is not a select option.
In the tutorial below, I explain how to get the correct thumbprint and how to use it in the Windows Admin Center.

I installed the Windows Admin Center on the management server in my Developer tenant. This is the same server used in the previous post.


Finding the correct thumbprint for WAC.

Let’s start by getting the certificate correct thumbprint.

Go to start and search for PowerShell_ISE.
Or press CTRL + R at the same time and type in PowerShell_ISE.
Copy / paste the cmdlet below to PowerShell_ISE.

$c = "Windows Admin Center Encryption"

Get-ChildItem -path cert:\LocalMachine\My |  where {$_.Subject -like "*$c*"} | select subject,thumbprint

Change $c to the subject of your certificate. Usually this is the domain name itself. You could also use a part of the subject because the cmdlet uses a wildcard.

This shows the following certificate thumbprint for me:

1374EDF24566178587606A8A68A6D5756B8919FF

Let’s encrypt for Windows Admin Center (WAC)
Let’s encrypt for Windows Admin Center (WAC).

Make sure you always leave the first and the last 2 characters and copy the rest.
Type in the first 2 characters and paste the rest, and then type the last 2 characters in the Windows Admin Center option “Provide the thumbprint for the gateway SSL certificate“.
This prevents you from copying a space!

Let’s encrypt for Windows Admin Center (WAC)
Let’s encrypt for Windows Admin Center (WAC).

Continue with the WAC installation. My screenshot shows Change because I already installed Windows Admin Center with a Self Signed Certificate.

If you now open the domain where your WAC is installed, you will see that the website is secured.

Let’s encrypt for Windows Admin Center (WAC)
Let’s encrypt for Windows Admin Center (WAC).

When we request the certificate we see that it is a Let’s Encrypt certificate and we can now verify that the installation of a Let’s Encrypt certificate on Windows Admin Center has been successful.


Recap

If you have any questions about this, or using Let’s Encrypt for different applications or Windows roles, please let me know in the comments.


A little extra

This post contains PowerShell. Would you like to learn the basics better? I have created a new website to learn basic PowerShell in an ’emulator’ environment.
Click here to go learn Basic PowerShell.

Published by

Bas Wijdenes

My name is Bas Wijdenes and I work as a PowerShell DevOps Engineer. In my spare time I write about interesting stuff that I encounter during my work.

One thought on “How to use Let’s Encrypt certificates for Windows Admin Center by Bas Wijdenes”

  1. This post is like a food recipe that provides most of the ingredients but leaves a few out and doesn’t bother to provide the instructions.

    There is no mention here that Let’s Encrypt certificates are very short lived and that you will need to repeat this manual process every time the Let’s Encrypt certificate is renewed.

Leave a Reply

Your email address will not be published. Required fields are marked *