Skip to content

Instantly share code, notes, and snippets.

@ZekeSnider
Created February 5, 2018 17:42
Show Gist options
  • Save ZekeSnider/7480a1b620f8698db000d255d3f3ba61 to your computer and use it in GitHub Desktop.
Save ZekeSnider/7480a1b620f8698db000d255d3f3ba61 to your computer and use it in GitHub Desktop.
Binding an SSL certificate to a port in Windows C++
/*
This is the C++ programatic version of the following cmd:
netsh http add sslcert ipport=0.0.0.0:443 certhash=... appid=...
*/
ULONG ret = NO_ERROR;
HTTP_SERVICE_CONFIG_SSL_SET scssl;
//Fill in these with actual certificate hash and GUID.
BYTE ServerCertHash[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0, 0x00, 0x00 };
GUID AppID = { 0x00000000, 0x0000, 0x0000,{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x0, 0x00, 0x00 } };
sockaddr_in addr = { 0 };
addr.sin_addr.s_addr = inet_addr("0.0.0.0");
addr.sin_family = AF_INET;
addr.sin_port = htons(443);
scssl.KeyDesc.pIpPort = (PSOCKADDR)&addr;
scssl.ParamDesc.AppId = AppID;
scssl.ParamDesc.DefaultCertCheckMode = 0;
scssl.ParamDesc.DefaultFlags = NULL;
scssl.ParamDesc.DefaultRevocationFreshnessTime = 0;
scssl.ParamDesc.DefaultRevocationUrlRetrievalTimeout = 10000;
scssl.ParamDesc.pSslCertStoreName = 0;
scssl.ParamDesc.pDefaultSslCtlIdentifier = NULL;
scssl.ParamDesc.pDefaultSslCtlStoreName = NULL;
scssl.ParamDesc.pSslHash = (void*)ServerCertHash;
scssl.ParamDesc.SslHashLength = ARRAYSIZE(ServerCertHash);
ret = HttpSetServiceConfiguration(0, HttpServiceConfigSSLCertInfo, &scssl, sizeof(scssl), NULL);
if (ret != NO_ERROR && ret != 183)
{
//Handle the error how you would like
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment