Quick Search
Browse
Pages
Blog
Labels
Attachments
Mail
Advanced
What’s New
Space Directory
Feed Builder
Keyboard Shortcuts
Confluence Gadgets
Log In
Dashboard
Echo
Copy Page
You are not logged in. Any changes you make will be marked as
anonymous
. You may want to
Log In
if you already have an account. You can also
Sign Up
for a new account.
This page is being edited by
.
Paragraph
Paragraph
Heading 1
Heading 2
Heading 3
Heading 4
Heading 5
Heading 6
Preformatted
Quote
Bold
Italic
Underline
More colours
Strikethrough
Subscript
Superscript
Monospace
Clear Formatting
Bullet list
Numbered list
Outdent
Indent
Align left
Align center
Align right
Link
Table
Insert
Insert Content
Image
Link
Attachment
Symbol
Emoticon
Wiki Markup
Horizontal rule
tinymce.confluence.insert_menu.macro_desc
Info
JIRA Issue
Status
Gallery
Tasklist
Table of Contents
Other Macros
Undo
Redo
Find/Replace
Keyboard Shortcuts Help
<p>This guide details the steps required to run the built-in web server of Echo over HTTPS rather than HTTP.</p><p>As an example, it is assumed you want to bind the HTTPS server to IP address <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2tleXdvcmRtYWNybzpMYWJlbD0xOTIuMTY4LjAuMTc5fQ&locale=en_GB&version=2" data-macro-name="keywordmacro" data-macro-parameters="Label=192.168.0.179"> using port <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2tleXdvcmRtYWNybzpMYWJlbD00NDN9&locale=en_GB&version=2" data-macro-name="keywordmacro" data-macro-parameters="Label=443"> (the default port for HTTPS connections). Change these values to suit your own requirements.</p><h3>Prerequisites</h3><p>This guide presumes you have already installed your (valid) SSL certificate into the <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2tleXdvcmRtYWNybzpMYWJlbD1NWX0&locale=en_GB&version=2" data-macro-name="keywordmacro" data-macro-parameters="Label=MY"> certificate store using the <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2tleXdvcmRtYWNybzpMYWJlbD1Mb2NhbCBNYWNoaW5lfQ&locale=en_GB&version=2" data-macro-name="keywordmacro" data-macro-parameters="Label=Local Machine"> account, since Echo runs as a system service in that context.</p><p>Start a command prompt with administrator privileges to perform the following steps:</p><h3>Find the certificate thumbprint</h3><p>First, use the MMC certificate snap-in to find your installed certificate:</p><ul><li>Start the <strong>Microsoft Management Console (MMC)</strong> by typing <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2tleXdvcmRtYWNybzpMYWJlbD1tbWMuZXhlfQ&locale=en_GB&version=2" data-macro-name="keywordmacro" data-macro-parameters="Label=mmc.exe"> from the command prompt window</li><li>In the application that starts, go to <strong>File</strong> -> <strong>Add/Remove Snap-In...</strong></li><li>Select the <strong>Certificates</strong> snap-in in the left-hand panel</li><li>Click <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2J1dHRvbm1hY3JvOkxhYmVsPUFkZCA-fQ&locale=en_GB&version=2" data-macro-name="buttonmacro" data-macro-parameters="Label=Add >"> to move it into the right-hand panel. Select <strong>Computer account</strong> when prompted, then <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2J1dHRvbm1hY3JvOkxhYmVsPUZpbmlzaH0&locale=en_GB&version=2" data-macro-name="buttonmacro" data-macro-parameters="Label=Finish">, then <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2J1dHRvbm1hY3JvOkxhYmVsPUZpbmlzaH0&locale=en_GB&version=2" data-macro-name="buttonmacro" data-macro-parameters="Label=Finish"> again after selecting <strong>Local computer</strong></li><li>Close the <strong>Add or Remove Snap-ins</strong> window by pressing <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2J1dHRvbm1hY3JvOkxhYmVsPU9LfQ&locale=en_GB&version=2" data-macro-name="buttonmacro" data-macro-parameters="Label=OK"></li><li>In the <strong>Console Root</strong> panel, select <strong>Certificates (Local Computer)</strong>, then choose the <strong>Personal</strong> folder</li><li>Locate your certificate and double-click on it to view its contents</li><li>In the <strong>Details</strong> tab, scroll down and select the <strong>Thumbprint</strong> property (usually at the bottom)</li><li>In the preview window, copy the full thumbprint and paste it into a text editor</li><li>Use search and replace to remove the spaces. Keep this compacted thumbprint for the next steps</li></ul><h3>Binding to an endpoint</h3><table class="wysiwyg-macro" data-macro-name="info" style="background-image: url(/plugins/servlet/confluence/placeholder/macro-heading?definition=e2luZm99&locale=en_GB&version=2); background-repeat: no-repeat;" data-macro-body-type="RICH_TEXT"><tr><td class="wysiwyg-macro-body"><p><span>An endpoint is a combination of an IP address and a port number. In this example, the endpoint is <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2tleXdvcmRtYWNybzpMYWJlbD0xOTIuMTY4LjAuMTc5OjQ0M30&locale=en_GB&version=2" data-macro-name="keywordmacro" data-macro-parameters="Label=192.168.0.179:443">.</span></p></td></tr></table><p>Having found the thumbprint for the certificate you want to use, you must now create a binding between that certificate and the endpoint that Echo will be listening on.</p><p>To see which endpoints are currently bound to which certificates, issue the following command:</p><table class="wysiwyg-macro" data-macro-name="code" data-macro-parameters="language=powershell|theme=Midnight|title=List current bindings" style="background-image: url(/plugins/servlet/confluence/placeholder/macro-heading?definition=e2NvZGU6dGl0bGU9TGlzdCBjdXJyZW50IGJpbmRpbmdzfHRoZW1lPU1pZG5pZ2h0fGxhbmd1YWdlPXBvd2Vyc2hlbGx9&locale=en_GB&version=2); background-repeat: no-repeat;" data-macro-body-type="PLAIN_TEXT"><tr><td class="wysiwyg-macro-body"><pre> netsh http show sslcert </pre></td></tr></table><table class="wysiwyg-macro" data-macro-name="code" data-macro-parameters="language=none|theme=RDark|title=Example output" style="background-image: url(/plugins/servlet/confluence/placeholder/macro-heading?definition=e2NvZGU6dGl0bGU9RXhhbXBsZSBvdXRwdXR8dGhlbWU9UkRhcmt8bGFuZ3VhZ2U9bm9uZX0&locale=en_GB&version=2); background-repeat: no-repeat;" data-macro-body-type="PLAIN_TEXT"><tr><td class="wysiwyg-macro-body"><pre> SSL Certificate bindings: ------------------------- IP:port : 192.168.0.179:443 Certificate Hash : 00112233445566778899aabbccddeeff00112233 Application ID : {aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee} Certificate Store Name : MY Verify Client Certificate Revocation : Enabled Verify Revocation Using Cached Client Certificate Only : Disabled Usage Check : Enabled Revocation Freshness Time : 0 URL Retrieval Timeout : 0 Ctl Identifier : Ctl Store Name : DS Mapper Usage : Disabled Negotiate Client Certificate : Disabled </pre></td></tr></table><p>The <strong><img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2tleXdvcmRtYWNybzpMYWJlbD1DZXJ0aWZpY2F0ZSBIYXNofQ&locale=en_GB&version=2" data-macro-name="keywordmacro" data-macro-parameters="Label=Certificate Hash"></strong> is the thumbnail of the certificate that an endpoint is bound to.</p><p>If a binding already exists for the endpoint you want to use, remove it with the following command:</p><table class="wysiwyg-macro" data-macro-name="code" data-macro-parameters="language=none|theme=RDark|title=Removing an existing binding" style="background-image: url(/plugins/servlet/confluence/placeholder/macro-heading?definition=e2NvZGU6dGl0bGU9UmVtb3ZpbmcgYW4gZXhpc3RpbmcgYmluZGluZ3x0aGVtZT1SRGFya3xsYW5ndWFnZT1ub25lfQ&locale=en_GB&version=2); background-repeat: no-repeat;" data-macro-body-type="PLAIN_TEXT"><tr><td class="wysiwyg-macro-body"><pre> netsh http delete sslcert ipport=192.168.0.179:443 </pre></td></tr></table><p>Once you are sure your endpoint is no longer bound to a certificate, add a new binding:</p><table class="wysiwyg-macro" data-macro-name="code" data-macro-parameters="language=none|theme=RDark|title=Adding a new binding" style="background-image: url(/plugins/servlet/confluence/placeholder/macro-heading?definition=e2NvZGU6dGl0bGU9QWRkaW5nIGEgbmV3IGJpbmRpbmd8dGhlbWU9UkRhcmt8bGFuZ3VhZ2U9bm9uZX0&locale=en_GB&version=2); background-repeat: no-repeat;" data-macro-body-type="PLAIN_TEXT"><tr><td class="wysiwyg-macro-body"><pre> netsh http add sslcert ipport=192.168.0.179:443 certhash=0011223344556677889900112233445566778899 appid={ecc39c98-e826-4009-9401-2a5c6e7babbc} </pre></td></tr></table><p>The <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2tleXdvcmRtYWNybzpMYWJlbD1pcHBvcnR9&locale=en_GB&version=2" data-macro-name="keywordmacro" data-macro-parameters="Label=ipport"> parameter is the endpoint you want to bind.<br />The <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2tleXdvcmRtYWNybzpMYWJlbD1jZXJ0aGFzaH0&locale=en_GB&version=2" data-macro-name="keywordmacro" data-macro-parameters="Label=certhash"> is the thumbprint (certificate hash) of the SSL certificate you want to use<br />The <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2tleXdvcmRtYWNybzpMYWJlbD1hcHBpZH0&locale=en_GB&version=2" data-macro-name="keywordmacro" data-macro-parameters="Label=appid"> <span style="font-size: 10.0pt;">parameter </span><span style="font-size: 10.0pt;">is application-specific and should be set to a value of <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2tleXdvcmRtYWNybzpMYWJlbD17ZWNjMzljOTgtZTgyNi00MDA5LTk0MDEtMmE1YzZlN2JhYmJjfX0&locale=en_GB&version=2" data-macro-name="keywordmacro" data-macro-parameters="Label={ecc39c98-e826-4009-9401-2a5c6e7babbc}"> when used for the Echo application.</span></p><h3>Enabling HTTPS in Echo</h3><p>Finally, you must set the protocol and port number in the <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e2tleXdvcmRtYWNybzpMYWJlbD1zZXR0aW5ncy54bWx9&locale=en_GB&version=2" data-macro-name="keywordmacro" data-macro-parameters="Label=settings.xml"> configuration file for Echo, as per the following example snippet:</p><table class="wysiwyg-macro" data-macro-name="code" data-macro-parameters="language=html/xml|theme=RDark|title=settings.xml" style="background-image: url(/plugins/servlet/confluence/placeholder/macro-heading?definition=e2NvZGU6dGl0bGU9c2V0dGluZ3MueG1sfHRoZW1lPVJEYXJrfGxhbmd1YWdlPWh0bWwveG1sfQ&locale=en_GB&version=2); background-repeat: no-repeat;" data-macro-body-type="PLAIN_TEXT"><tr><td class="wysiwyg-macro-body"><pre>... <web> <bindAddress>192.168.0.179</bindAddress> <protocol>https</protocol> <port>443</port> <username>xxxxxxxxxx</username> <password>xxxxxxxxxx</password> </web> ...</pre></td></tr></table><p><span style="font-size: 10.0pt;">As with any manual change to the configuration file, the Echo application should be restarted for your changes to take effect.</span></p>
Attachments
Labels
Location
< Edit
Preview >
Loading…
Save
Cancel
Next hint
search
attachments
weblink
advanced