Securing the socket with a certificate.

May 14, 2015 at 12:41 PM
I want to secure the socket with a certificate, so that i can use https (instead of http) to browse any webpage using a listener application that I have developed using Casablanca SDK.

Now, I created a certificate using MakeCert
Makecert -r -pe -n CN="http://172.29.15.63:2001/" -b 05/10/2015 -e 12/22/2025 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localmachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
I want this IP Address and port in the SSL so that it can be browsed using https, How can I accomplish this? I followed the below mentioned link, to make it safe and truested.

http://blogs.msdn.com/b/jpsanders/archive/2009/09/29/walkthrough-using-httplistener-as-an-ssl-simple-server.aspx

Now how can I implement it with my URL on google chrome to make it work?
Coordinator
May 14, 2015 at 5:47 PM

Hi maverick786us,

Our http_listener is built on the Windows HTTP Server API, our API exposes no functionality for dealing with certificates directly. I think you are on the right track, but need to use either netsh or the HTTP Serve APIs like HttpSetServiceConfiguration directly.

Steve

May 15, 2015 at 1:43 PM
This is in context to my previous thread.

https://casablanca.codeplex.com/discussions/577574

I am under pressure to resolve the issue of https. I created a certificate using this command.
Makecert -r -pe -n CN="http://172.29.15.63:2001/" -b 05/10/2015 -e 12/22/2025 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localmachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
And then using this step I made it a trusted certificate.

http://blogs.msdn.com/b/jpsanders/archive/2009/09/29/walkthrough-using-httplistener-as-an-ssl-simple-server.aspx

After this what else am I supposed to do to, in order to make https work, in this case? I have pressure to get this issue resolved. Any help / solution will be much welcomed. :(
Coordinator
May 15, 2015 at 5:33 PM

Hi maverick786us,

Take a look at the two links I provided you in my previous response. They should get you going in the right direction.

Steve

May 18, 2015 at 12:11 PM
Edited May 18, 2015 at 12:35 PM
Steve, based on the links I followed these steps.
Makecert -r -pe -n CN="www.example.com" -b 05/10/2010 -e 12/22/2011 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localmachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
Creation of certification. Based on this link I created a certificate. Where it says that __"T_he following command creates a self-signed certificate that can be used to test a web application that uses Secure Sockets Layer (SSL) on a web server whose URL is www.example.com. The OID defined by the -eku option identifies that certificate as an SSL server certificate. The certificate is stored in the my store and is available at the machine (rather than user) level. The certificate's private key is exportable, and the certificate is valid from May 10, 2010 through December 22, 2011."___

So this is the command I followed to create an SSL certificate.
Makecert -r -pe -n CN="http://172.29.15.63:2001/" -b 05/10/2015 -e 12/22/2025 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localmachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
Where you can see that the IP Address and port # is the one used to browse my listener application developed using Casablanca SDK
uri_builder uri(L"http://*:2001/");
Now using this article I added that cretification in "Trusted Root Certification Authority" section, and used the values present in the "Blueprint" in details section

http://blogs.msdn.com/b/jpsanders/archive/2009/09/29/walkthrough-using-httplistener-as-an-ssl-simple-server.aspx

That bluebrint value I used with "Netsh" (the link that you gave), so this is what the command that I used.
netsh http add sslcert ipport=http://172.29.15.63:2001 certhash=416ee19e03f6454a9e36729180137db83e6e17e5 appid={?228b0c62311730954d115fc305898d4f} 
Where __http://172.29.15.63:2001__ is the IP Address and port through which the listener application can be browsed, 416ee19e03f6454a9e36729180137db83e6e17e5 is the Blueprint that I stored. I am not sure what I should mention in the appid for this application, so I mentioned something in the default.

@Steve, can you tell me, if there is anything that I am missing