Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

As an example, it is assumed you want to bind the HTTPS server to IP address

Keywordmacro
Label192.168.0.179
using port
Keywordmacro
Label8443443
 (the default port for HTTPS connections).  Change these values to suit your own requirements.

...

  • Start the Microsoft Management Console (MMC) by typing 
    Keywordmacro
    Labelmmc.exe
    from the command prompt window
  • In the application that starts, go to File -> Add/Remove Snap-In...
  • Select the Certificates snap-in in the left-hand panel
  • Click
    Buttonmacro
    LabelAdd >
    to move it into the right-hand panel.  Select Computer account when prompted, then
    Buttonmacro
    LabelFinish
    , then
    Buttonmacro
    LabelFinish
     again after selecting Local computer
  • Close the Add or Remove Snap-ins window by pressing
    Buttonmacro
    LabelOK
  • In the Console Root panel, select Certificates (Local Computer), then choose the Personal folder
  • Locate your certificate and double-click on it to view its contents
  • In the Details tab, scroll down and select the Thumbnail property Thumbprint property (usually at the bottom)
  • In the preview window, copy the full thumbnail thumbprint and paste it into a text editor
  • Use search and replace to remove the spacesKeep this compacted thumbprint for the next stepsteps

Binding to an endpoint

...

Info

An endpoint is a combination of an IP address and a port number.  In

...

this example, the endpoint

...

is

Keywordmacro
Label192.168.0.179:

...

443
.

Having found the thumbprint for the certificate you want to use, you must now create a binding between that certificate and the endpoint that Echo will be listening on.

To see which endpoints are currently bound to which certificates, issue the following command:

...

Code Block
titleExample output
themeRDark
languagenone
 
SSL Certificate bindings:
-------------------------
    IP:port                 : 192.168.0.179:443
    Certificate Hash        : 00112233445566778899aabbccddeeff00112233
    Application ID          : {aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee}
    Certificate Store Name  : MY
    Verify Client Certificate Revocation    : Enabled
    Verify Revocation Using Cached Client Certificate Only    : Disabled
    Usage Check    : Enabled
    Revocation Freshness Time : 0
    URL Retrieval Timeout   : 0
    Ctl Identifier          :
    Ctl Store Name          :
    DS Mapper Usage    : Disabled
    Negotiate Client Certificate    : Disabled

    IP:port                 : 192.168.0.179:8443
    Certificate Hash        : 112233445566778899aabbccddeeff0011223344
    Application ID          : {00000000-1111-2222-3333-444444444444}
    Certificate Store Name  : (null)
    Verify Client Certificate Revocation    : Enabled
    Verify Revocation Using Cached Client Certificate Only    : Disabled
    Usage Check    : Enabled
    Revocation Freshness Time : 0
    URL Retrieval Timeout   : 0
    Ctl Identifier          : (null)
    Ctl Store Name          : (null)
    DS Mapper Usage    : Disabled
    Negotiate Client Certificate    : Disabled 

The

Keywordmacro
LabelCertificate Hash
is the thumbnail of the certificate that an endpoint is bound to.

...

Code Block
titleRemoving an existing binding
themeRDark
languagenone
 
netsh http delete sslcert ipport=192.168.0.179:8443443
 

Once you are sure your endpoint is no longer bound to a certificate, add a new binding:

Code Block
titleAdding a new binding
themeRDark
languagenone
 
netsh http add sslcert ipport=192.168.0.179:8443443 certhash=0011223344556677889900112233445566778899 appid={ecc39c98-e826-4009-9401-2a5c6e7babbc}
 

...

Enabling HTTPS in Echo

Finally, you must enable HTTPS and set the protocol and port number in the

Keywordmacro
Labelsettings.xml
 configuration file for Echo, as per the following example snippet:

Code Block
titlesettings.xml
themeRDark
languagehtml/xml
...
    <web>
        <bindAddress>192.168.0.179</bindAddress>
        <protocol>https</protocol>
        <port>8443<<port>443</port>
        <username>xxxxxxxxxx</username>
        <password>xxxxxxxxxx</password>
    </web>
...

As with any manual change to the configuration file, the Echo application should be restarted for your changes to take effect.