This guide details the steps required to run the built-in web server of Echo over HTTPS rather than HTTP.
As an example, it is assumed you want to bind the HTTPS server to IP address using port (the default port for HTTPS connections). Change these values to suit your own requirements.
This guide presumes you have already installed your (valid) SSL certificate into the certificate store using the account, since Echo runs as a system service in that context.
Start a command prompt with administrator privileges to perform the following steps:
First, use the MMC certificate snap-in to find your installed certificate:
Binding to an endpoint
An endpoint is a combination of an IP address and a port number. In this example, the endpoint is . |
Having found the thumbprint for the certificate you want to use, you must now create a binding between that certificate and the endpoint that Echo will be listening on.
To see which endpoints are currently bound to which certificates, issue the following command:
netsh http show sslcert |
SSL Certificate bindings: ------------------------- IP:port : 192.168.0.179:443 Certificate Hash : 00112233445566778899aabbccddeeff00112233 Application ID : {aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee} Certificate Store Name : MY Verify Client Certificate Revocation : Enabled Verify Revocation Using Cached Client Certificate Only : Disabled Usage Check : Enabled Revocation Freshness Time : 0 URL Retrieval Timeout : 0 Ctl Identifier : Ctl Store Name : DS Mapper Usage : Disabled Negotiate Client Certificate : Disabled |
The is the thumbnail of the certificate that an endpoint is bound to.
If a binding already exists for the endpoint you want to use, remove it with the following command:
netsh http delete sslcert ipport=192.168.0.179:443 |
Once you are sure your endpoint is no longer bound to a certificate, add a new binding:
netsh http add sslcert ipport=192.168.0.179:443 certhash=0011223344556677889900112233445566778899 appid={ecc39c98-e826-4009-9401-2a5c6e7babbc} |
The parameter is the endpoint you want to bind.
The is the thumbprint (certificate hash) of the SSL certificate you want to use
The parameter is application-specific and should be set to a value of when used for the Echo application.
Finally, you must set the protocol and port number in the configuration file for Echo, as per the following example snippet:
... <web> <bindAddress>192.168.0.179</bindAddress> <protocol>https</protocol> <port>443</port> <username>xxxxxxxxxx</username> <password>xxxxxxxxxx</password> </web> ... |
As with any manual change to the configuration file, the Echo application should be restarted for your changes to take effect.