Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE

How To Bind SSL Certificate To A Port number

No ratings
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Daniel_Seo
Support
Support

How To Bind SSL Certificate To A Port number

Last Update:

May 25, 2022 9:38:06 AM

Updated By:

Sonja_Bauernfeind

Created date:

Oct 5, 2017 2:32:05 AM

Environment:

Qlik Sense Enterprise on Windows 
QlikView 
Qlik NPrinting 
Windows

 

To bind an SSL certificate to a port number

  1. In Windows Server 2003 or Windows XP, use the HttpCfg.exe tool in "set" mode on the Secure Sockets Layer (SSL) store to bind the certificate to a port number. The tool uses the thumbprint to identify the certificate, as shown in the following example.

    httpcfg set ssl -i 0.0.0.0:4242 -h 0000000000003ed9cd0c315bbb6dc1c08da5e6

  2. The -i switch has the syntax of IP:port and instructs the tool to set the certificate to port 8012 of the computer. Optionally, the four zeroes that precede the number can also be replaced by the actual IP address of the computer.

  3. The -h switch specifies the thumbprint of the certificate.

  4. In Windows Vista, use the Netsh.exe tool, as shown in the following example.

    netsh http add sslcert ipport=0.0.0.0:443 certhash=0000000000003ed9cd0c315bbb6dc1c08da5e6 appid={00112233-4455-6677-8899-AABBCCDDEEFF}

     

    • The certhash parameter specifies the thumbprint of the certificate.

    • The ipport parameter specifies the IP address and port, and functions just like the -i switch of the Httpcfg.exe tool described.

    • The appid parameter is a GUID that can be used to identify the owning application. There is a wide range of different tools available to generate GUIDs. Example: https://www.guidgenerator.com/



To bind an SSL certificate to a port number and support client certificates

  1. In Windows Server 2003 or Windows XP, to support clients that authenticate with X.509 certificates at the transport layer, follow the preceding procedure but pass an additional command-line parameter to HttpCfg.exe, as shown in the following example.

    httpcfg set ssl -i 0.0.0.0:4242 -h 0000000000003ed9cd0c315bbb6dc1c08da5e6 -f 2


    The     -f switch has the syntax of n where n is a number between 1 and 7. A value of 2, as shown in the preceding example, enables client certificates at the transport layer. A value of 3 enables client certificates and maps those certificates to a Windows account. See HttpCfg.exe Help for the behavior of other values.

    netsh http add sslcert ipport=0.0.0.0:443 certhash=0000000000003ed9cd0c315bbb6dc1c08da5e6 appid={00112233-4455-6677-8899-AABBCCDDEEFF} clientcertnegotiation=enable
Qlik Sense Enterprise on Windows
Thumbnail of Qlik Sense Enterprise on Windows
Qlik Sense Enterprise on Windows
QlikView
Thumbnail of QlikView
QlikView
Qlik NPrinting
Thumbnail of Qlik NPrinting
Qlik NPrinting
Labels (1)
Labels:
4,286 Views
Was this article helpful? Yes No
Contributors
Version history
Last update:
‎2022-05-25 09:38 AM
Updated by:
Digital Support