.net - HttpListener with HTTPS support


There seems to be a lot of confusing, sometimes conflicting, information regarding making a .NET HttpListener HTTPS-capable. My understanding is as follows:

  • The C# code needs an https prefix (e.g. https://*:8443) for the listener to understand that it needs to serve SSL requests on this port.

  • The actual SSL handshake happens under the covers and is handled by http.sys (buried somewhere on the Windows machine); the C# code does not need to explicitly manage the SSL handshake because it happens under the covers.

If not, please educate me.

About X.509 certificates, I understand:

  • Use makecert to create an X.509 certificate. This certificate is stored in the personal store and needs to be moved to the Trusted Store (this is where the HTTP listener will look). It seems that I can use certMgr to perform this step, or I can use mmc to effect this step. There seems to be more than one X.509 certificate format (DER, Base64, pks, pswd protected, pks private, etc.). Is there a preferred format I should use?

Once I get it into the trusted store, I have to bind it to a TCP port. I am on Win7: should I use httpcfg or netsh?

Any suggestions / advice will be appreciated.

I did a bunch of homework and got this working. The steps for adding SSL support to a .NET HttpListener are:

1. Update the C# app code to include the https prefix. Example:

      string[] prefix = { "http://*:8089/", "https://*:8443/" };

   That's it from the code aspect.

2. For the certificate side of things, using the Win SDK Command Console (VS Professional Command Console):

  • Use makecert.exe to create a certificate authority. Example:

      makecert -n "CN=VMGCA" -r -sv vMargeCA.pvk vMargeCA.cer

  • Use makecert.exe to create an SSL certificate:

      makecert -sk vMargeSignedByCA -iv vMargeCA.pvk -n "CN=vMargeSignedByCA" -ic vMargeCA.cer vMargeSignedByCA

  • Use the MMC GUI to install the SSL certificate in the Personal store.
  • Bind the certificate to the IP:port and application. Example:

      netsh http add sslcert ipport=0.0.0.0:8443 certhash=585947f104b5bce53239f02d1c6fed06832f47dc appid={df8c8073-5a4b-4810-b469-5975a9c95230}

    certhash is the thumbprint of your SSL certificate. You can find it by using MMC. The appid is found in VS ... usually in assembly.cs, look for the GUID.

There are other ways to accomplish the above, but this worked for me.
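
The listener side of the steps above, as an added example that is not part of the original answer: a complete HttpListener using the answer's two prefixes, with no certificate handling anywhere in the code. The class name, response body and error handling are assumptions made for illustration; the HTTPS port only completes handshakes once the netsh binding from step 2 exists.

```csharp
// Added example (not from the original answer). The two prefixes are the
// answer's; the class name and response format are illustrative.
using System;
using System.Net;
using System.Text;

class TlsListenerDemo
{
    static void Main()
    {
        var listener = new HttpListener();
        listener.Prefixes.Add("http://*:8089/");
        listener.Prefixes.Add("https://*:8443/");

        try
        {
            // No certificate is referenced here: http.sys picks it up from the
            // "netsh http add sslcert" binding for the port.
            listener.Start();
        }
        catch (HttpListenerException ex) when (ex.ErrorCode == 5)
        {
            // Access denied: wildcard prefixes need an elevated process or a
            // URL reservation (netsh http add urlacl) for the running account.
            Console.Error.WriteLine("Access denied registering prefixes: " + ex.Message);
            return;
        }

        Console.WriteLine("Listening; press Ctrl+C to stop.");
        while (true)
        {
            HttpListenerContext ctx = listener.GetContext(); // blocks until a request arrives
            HttpListenerRequest req = ctx.Request;

            // IsSecureConnection is true only for requests that arrived over TLS.
            string body = string.Format("url={0} secure={1}\n", req.Url, req.IsSecureConnection);
            byte[] bytes = Encoding.UTF8.GetBytes(body);

            ctx.Response.ContentType = "text/plain; charset=utf-8";
            ctx.Response.ContentLength64 = bytes.Length;
            ctx.Response.OutputStream.Write(bytes, 0, bytes.Length);
            ctx.Response.Close();
        }
    }
}
```

Requesting the 8089 and 8443 URLs in turn should show `secure=False` and `secure=True`; if the HTTPS request fails during the handshake while the HTTP one works, check the port binding with `netsh http show sslcert`.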
