Saturday, September 27, 2014

SSL Certificate Binding to Process

SSL certificate is usually used in Web Server, IIS for example. Obviously binding an SSL certificate to IIS site is a very straightforward task.

Using IIS Manager, you go to the site

Edit Site Bindings...

Select the https (443)

The select the certificate from the list

Sometime you need to bind SSL certificate to a process or an application. If the application has got an interface or GUI to bind to an SSL certificate, great!. If not, then you need to follow the process here:

Get the application ID, by running WMI query:

wmic product list

This query produces a list of application name, its identifying number and install location

Get the application identifier number (highlighted)

The next step is to get the SSL certificate hash/thumbprint. To get this you can either run:

netsh http show sslcert


Get it from the certificate itself

Finally you can bind it using the following command:

netsh http add sslcert ipport=<ip address>:<port> certhash=<cert thumbprint> appid={<app id>}