Skip Navigation

Bind the SSL certificate to the
service SSL port

Import the CA-signed certificate to the computer that hosts the
  1. Copy the thumbprint of the imported certificate.
    1. Double-click the imported certificate.
    2. Click the
    3. In the
      dropdown list, click
      Properties Only
    4. In the
      column, click
    5. Copy the hexidecimal values into a text editor. Delete the spaces between the hexadecimal values. For example, if you copied 80 82 41 2f..., it becomes 8082412f...
    6. Keep the text editor open. 
  2. If required, login to the computer that hosts the
    service with the service account.
  3. Open a command prompt (run as administrator).
  4. Check that a certificate is not already bound to port 8082. Type
    netsh http show sslcert
    . If you use a new certificate, document the hash information for port 8082. The certificate hash is used in step 4.
    If a certificate is bound to port 8082 or a port that you want to use, type
    netstat -abn > netstatoutput.txt
    to output the list of ports and processes to which they are bound. You must first delete the certificate before binding the new certificate or select a new port to bind the SSL. If you choose to bind the certificate to another port, consider this modification when configuring the
    service. To delete the existing certificate, type
    netsh http delete sslcert ipport=
    or the port that you want to bind the certificate to.
    For more information about netsh, visit the Technet Library to see Netsh Commands for Hypertext Transfer Protocol (HTTP).
  5. Bind the certificate to the SSL port. In a command prompt (run as administrator), type
    netsh http add sslcert ipport=<
    > certhash=<
    > appid={AD67330E-7F41-4722-83E2-F6DF9687BC71}
    Where <
    > is the thumbprint of the signed certificate that you exported to the text editor. For instructions, see Import the signed certificate to the computer that hosts the Connect service.
  6. Press
  7. To verify the certificate binding, type
    netsh http show sslcert