This guide details the steps required to run the built-in web server of Echo over HTTPS rather than HTTP.
As an example, it is assumed you want to bind the HTTPS server to IP address using port . Change these values to suit your own requirements.
This guide presumes you have already installed your (valid) SSL certificate into the certificate store using the account, since Echo runs as a system service in that context.
Start a command prompt with administrator privileges to perform the following steps:
First, use the MMC certificate snap-in to find your installed certificate:
The next step creates a binding between the SSL certificate you want to use with Echo, and the endpoint that Echo will be listening on.
An endpoint consists of an IP address and a port number.
netsh http show sslcert |
SSL Certificate bindings: ------------------------- IP:port : 192.168.0.179:443 Certificate Hash : 00112233445566778899aabbccddeeff00112233 Application ID : {aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee} Certificate Store Name : MY Verify Client Certificate Revocation : Enabled Verify Revocation Using Cached Client Certificate Only : Disabled Usage Check : Enabled Revocation Freshness Time : 0 URL Retrieval Timeout : 0 Ctl Identifier : Ctl Store Name : DS Mapper Usage : Disabled Negotiate Client Certificate : Disabled IP:port : 192.168.0.179:8443 Certificate Hash : 112233445566778899aabbccddeeff0011223344 Application ID : {00000000-1111-2222-3333-444444444444} Certificate Store Name : (null) Verify Client Certificate Revocation : Enabled Verify Revocation Using Cached Client Certificate Only : Disabled Usage Check : Enabled Revocation Freshness Time : 0 URL Retrieval Timeout : 0 Ctl Identifier : (null) Ctl Store Name : (null) DS Mapper Usage : Disabled Negotiate Client Certificate : Disabled |
Take a note of the "Certificate Hash" of the SSL certificate you want to use. This is known as the thumbprint.
Remove any existing binding to that certificate for the endpoint you want to use:
netsh http delete sslcert ipport=192.168.0.179:8443
netsh http show sslcert
netsh http add sslcert ipport=192.168.0.179:8443 certhash=0011223344556677889900112233445566778899 appid={ecc39c98-e826-4009-9401-2a5c6e7babbc}