Saturday, March 13, 2010

Programatically install SSL for WCF self hosting

@YaronNaveh

When we use SSL with IIS deployed services we can configure SSL in the IIS console. But what to do when we self host our service?

Here's one way to do it (vista / windows 7 / windows 2008 server only).

Run this command line:


netsh http add sslcert ipport=0.0.0.0:8732 certhash=4f35f9386692f45b6cc35b7e786c9f06625b9567 appid={00112233-4455-6677-8899-AABBCCDDEEFF}


Where:


ipport - The port on which you want to install SSL. The zeros stand for the local machine and 8732 is the port.

appid - any unique GUID should do it here.

certhash - The thumbprint of our certificate. See below how to get it.


How to get the certificate hash / thumbrpint?

1. Run mmc and add the certificates snap-in.
2. Double click your certificate and see its thumbprint (hash):



3. Convert the base64 representation to Hex - this is the value you need.

From code...

Now in many cases you will want to do the installation dynamically at run time. This is as easy as:


using System.Diagnostics;

...

void RunCommandLine(string filePath, string arguments)
{
     var p = new Process();
     p.StartInfo = new ProcessStartInfo(filePath, arguments);
     p.StartInfo.UseShellExecute = false;
     p.Start();
     p.WaitForExit(10000);
}

...

RunCommandLine(
   "netsh",
   "http add sslcert ipport=0.0.0.0:8732   certhash=4f35f9386692f45b6cc35b7e786c9f06625b9567 appid={00112233-4455-  6677-8899-AABBCCDDEEFF}");

@YaronNaveh

What's next? get this blog rss updates or register for mail updates!

0 comments: