How to create an SSL binding for a specific port

The other day I needed to create an SSL binding to a specific port where my WCF service was listening. The easiest way to create such a binding is to use netsh commandline tool. You gonna need the following information upfront before you can create such a binding:

  1. The port you want to assign for SSL
  2. The thumbprint of you certificate (just open mmc, add certificates and double click on your certificate. Show the details pane and copy the Thumbprint value to notpad. Remove the whitespaces.
  3. A new GUID (use the VS tool Create new GUID using the registry format)

To add the SSL cert run the following tool from an elevated command shell:

netsh http add sslcert ipport=0.0.0.0:<PORT> certhash=<cert thumbprint> appid=<GUID>

To remove the SSL cert from a specific port use:

netsh http delete sslcert ipport=0.0.0.0:<PORT>

Refer to this msdn page if you need more information.

Advertisements