This guide details the steps required to run the built-in web server of Echo over HTTPS rather than HTTP.
As an example, it is assumed you want to bind the HTTPS server to IP address using port . Change these values to suit your own requirements.
This guide presumes you have already installed your (valid) SSL certificate into the certificate store using the account, since Echo runs as a system service in that context.
Start a command prompt with administrator privileges to perform the following steps:
First, use the MMC certificate snap-in to find your installed certificate:
The next step creates a binding between endpoint that Echo will be listening on and the SSL certificate you want to use
An endpoint is a combination of an IP address and a port number. In our example, the endpoint is .
To see which endpoints are currently bound to which certificates, issue the following command:
netsh http show sslcert |
SSL Certificate bindings: ------------------------- IP:port : 192.168.0.179:443 Certificate Hash : 00112233445566778899aabbccddeeff00112233 Application ID : {aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee} Certificate Store Name : MY Verify Client Certificate Revocation : Enabled Verify Revocation Using Cached Client Certificate Only : Disabled Usage Check : Enabled Revocation Freshness Time : 0 URL Retrieval Timeout : 0 Ctl Identifier : Ctl Store Name : DS Mapper Usage : Disabled Negotiate Client Certificate : Disabled IP:port : 192.168.0.179:8443 Certificate Hash : 112233445566778899aabbccddeeff0011223344 Application ID : {00000000-1111-2222-3333-444444444444} Certificate Store Name : (null) Verify Client Certificate Revocation : Enabled Verify Revocation Using Cached Client Certificate Only : Disabled Usage Check : Enabled Revocation Freshness Time : 0 URL Retrieval Timeout : 0 Ctl Identifier : (null) Ctl Store Name : (null) DS Mapper Usage : Disabled Negotiate Client Certificate : Disabled |
The is the thumbnail of the certificate that an endpoint is bound to.
If a binding already exists for the endpoint you want to use, remove it with the following command:
netsh http delete sslcert ipport=192.168.0.179:8443 |
Once you are sure your endpoint is no longer bound to a certificate, add a new binding:
netsh http add sslcert ipport=192.168.0.179:8443 certhash=0011223344556677889900112233445566778899 appid={ecc39c98-e826-4009-9401-2a5c6e7babbc} |
The parameter is the endpoint you want to bind.
The is the thumbprint (certificate hash) of the SSL certificate you want to use
The parameter is application-specific and should be set to a value of when used for the Echo application.