Geek Answers Handbook

Bind SSL certificate to port programmatically

I am working on a self-service WCF service for which encrypted communication is an option. Everything works fine when the certificate is already bound to a port, as described here .

However, I want the user not to ask the user to run the command line tool. Is there a way that binding can be done programmatically? Perhaps using WMI?

+6
windows wmi wcf
source share
3 answers

I believe that the way to create an HTTP.SYS namespace reservation is through the HttpSetServiceConfiguration () unmanaged API; so for this you need P / Invoke. Here is an example of code that may be useful for one of the Keith Brown MSDN columns.

+4
source share

MSDN documentation , Keith Brown The MSDN column , and pinvoke.net received most of the way from me. But the proper execution of PSOCKADDR in HTTP_SERVICE_CONFIG_SSL_KEY was complicated. I found the Beej Guide to Network Programming very useful for figuring out what it should look like. I was able to use the .NET SocketAddress and then copy the bytes to an array that could be marshaled.

// serialize the endpoint to a SocketAddress and create an array to hold the values. Pin the array. SocketAddress socketAddress = ipEndPoint.Serialize(); byte[] socketBytes = new byte[socketAddress.Size]; GCHandle handleSocketAddress = GCHandle.Alloc(socketBytes, GCHandleType.Pinned); // Should copy the first 16 bytes (the SocketAddress has a 32 byte buffer, the size will only be 16, which is what the SOCKADDR accepts for (int i = 0; i < socketAddress.Size; ++i) { socketBytes[i] = socketAddress[i]; }
+2
source share

Yes, but you should use the HTTP API , which currently does not contain a .NET wrapper, so you should use P / Invoke. In particular, I think you are looking for an HttpSetServiceConfiguration with the configuration identifier HttpServiceConfigSSLCertInfo.

+1
source share

More articles:


All Articles