Tag Archives: certificate

How to change the Friendly Name on a certificate -Windows

I ran into the situation where someone created and applied a certificate in IIS and the friendlyName was wrong. During automatic deployments of the software, they would call into the cert store and select the certificate to use for their 443 bindings based on the friendly name. The certificate was named wrong and wouldn’t get applied during deployment or it would apply the wrong one.

Here is how to fix this using PowerShell without re-issuing the certificate.

Open up PowerShell with administrative rights and change your location to the certificate store.

We will change the certificate with the thumbprint named wrong_internal_wildcard to right_internal_wildcard

PS C:\Users\ed> set-location cert:
PS Cert:\> cd .\\localmachine\My
PS Cert:\localmachine\My> Get-ChildItem


   PSParentPath: Microsoft.PowerShell.Security\Certificate::localmachine\My

Thumbprint                                Subject
----------                                -------
EC1D0A14FA9BAD91DA24B9F87ECBCDB63E9D6F6A
E09D1799FC7F5791797EC39ED75A90345D1EE080  CN=IssuingCA, DC=domain, DC=com
A0102DDEFE92D57E8136B150F1DAEC4DA628B2AD  CN=AnotherCA, DC=domain, DC=com
8F5A004D9F831A9EA18374C3367796F6075AA578  CN=*.domain.com, O=company, L=city, S=state, C=US

PS Cert:\localmachine\My> $cert = Get-ChildItem 8F5A004D9F831A9EA18374C3367796F6075AA578
PS Cert:\localmachine\My> $cert.FriendlyName
wrong_internal_wildcard

PS Cert:\localmachine\My> $cert.FriendlyName = "right_internal_wildcard"
PS Cert:\localmachine\My> $cert.FriendlyName
right_internal_wildcard

In the above example, I have done the following:

    1. Opened Powershell

 

    1. Set-Location to the certificate store by typing Set-Location cert:

 

    1. Listed out the certs by typing Get-ChildItem

 

    1. Located the cert I wanted to change the friendly name of

 

    1. Put that cert in a variable so I could view it’s properties

 

    1. Verified that the cert is the right one by typing $cert.friendlyname

 

    1. Then changed the friendlyname by typing $cert.FriendlyName = “right_internal_wildcard”

 

    lastly, I verifed the cert friendlyname by typing $cert.FriendlyName