...
- Start the Microsoft Management Console (MMC) by typing from the command prompt window
- In the application that starts, go to File -> Add/Remove Snap-In...
- Select the Certificates snap-in in the left-hand panel
- Click to move it into the right-hand panel. Select Computer account when prompted, then , then again after selecting Local computer
- Close the Add or Remove Snap-ins window by pressing
- In the Console Root panel, select Certificates (Local Computer), then choose the Personal folder
- Locate your certificate and double-click on it to view its contents
- In the Details tab, scroll down and select the Thumbnail property Thumbprint property (usually at the bottom)
- In the preview window, copy the full thumbnail thumbprint and paste it into a text editor
- Use search and replace to remove the spaces. Keep this compacted thumbprint for the next stepsteps
Binding to an endpoint
...
Info |
---|
An endpoint is a combination of an IP address and a port number. In |
...
this example, the endpoint |
...
Having found the thumbprint for the certificate you want to use, you must now create a binding between that certificate and the endpoint that Echo will be listening on.
To see which endpoints are currently bound to which certificates, issue the following command:
Code Block |
---|
title | List current bindings |
---|
theme | Midnight |
---|
language | powershell |
---|
|
netsh http show sslcert
|
Code Block |
---|
title | Example output |
---|
theme | RDark |
---|
language | none |
---|
|
SSL Certificate bindings:
-------------------------
IP:port : 192.168.0.179:443
Certificate Hash : 00112233445566778899aabbccddeeff00112233
Application ID : {aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee}
Certificate Store Name : MY
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier :
Ctl Store Name :
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
|
...
Code Block |
---|
title | Removing an existing binding |
---|
theme | RDark |
---|
language | none |
---|
|
netsh http delete sslcert ipport=192.168.0.179:443
|
...
Code Block |
---|
title | Adding a new binding |
---|
theme | RDark |
---|
language | none |
---|
|
netsh http add sslcert ipport=192.168.0.179:443 certhash=0011223344556677889900112233445566778899 appid={ecc39c98-e826-4009-9401-2a5c6e7babbc}
|
...
Code Block |
---|
title | settings.xml |
---|
theme | RDark |
---|
language | html/xml |
---|
|
...
<web>
<bindAddress>192.168.0.179</bindAddress>
<protocol>https</protocol>
<port>443</port>
<username>xxxxxxxxxx</username>
<password>xxxxxxxxxx</password>
</web>
... |
As with any manual change to the configuration file, the Echo application should be restarted for your changes to take effect.