Milestone XProtect Mobile Server – SSL Certificate configuration

Install XProtect PowerShell module to manage Mobile Server as reported in the video above:

Install-Module Posh-XProtectMobile

Follow this article: MileStone XProtect 2019 R2 – How to generated trusted certificate on how to get certificate via MyCertWeb and free top level domain from

Once installed in the system, Powershell will help to configure the certificate automatically:

Get-Help Set-MobileServerCertificate -examples
Sets the sslcert binding for Milestone XProtect Mobile Server when provided with a certificate, an object with a Thumbprint property, or when the -Thumbprint parameter is explicitly provided.

The Thumbprint must represent a publicly signed and trusted certificate located in Cert:\LocalMachine\My where the private key is present.

Set-MobileServerCertificate [-X509Certificate ] [[-Thumbprint] ]

You can get X509 certificate object using this command:

PS C:\WINDOWS\system32> $MyCert = gci Cert:\LocalMachine\My | ? Subject -eq ''
PS C:\WINDOWS\system32> $MyCert

 Thumbprint Subject
---------- -------

Once you have verified the certificate is correct, you can push configuration to Mobile Server with this:

Set-MobileServerCertificate -X509Certificate $MyCert
Set-MobileServerCertificate -Thumbprint <GUID>

To remove certificate at IIS level and check IIS configuration, use these:

netsh http delete sslcert ipport=

netsh http show sslcert ipport=


One thought on “Milestone XProtect Mobile Server – SSL Certificate configuration

  1. Pingback: Milestone XProtect and Tailscale VPN using SSL | Ing. Lele's Blog - HeadQuarter

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.