certificate validation overriding

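// Namespaces: System.Net, System.Net.Security,
// System.Security.Cryptography.X509Certificates
ServicePointManager.ServerCertificateValidationCallback += 
  new RemoteCertificateValidationCallback(ValidateCertificate);

// Accepts every server certificate: all validation errors are ignored.
public static bool ValidateCertificate(object sender, X509Certificate cert, 
  X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
      return true;
}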
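
A narrower alternative to the accept-all callback above, added here as an example (not code from the original page): it accepts certificates that pass normal validation and makes one exception for a single pinned certificate. The class name and the `<certificateThumbprint>` placeholder are assumptions.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

public static class PinnedCertificateValidation
{
    // Assumption: placeholder for the SHA-1 thumbprint of the one
    // self-signed certificate you intend to trust; replace it.
    private const string PinnedThumbprint = "<certificateThumbprint>";

    public static void Register()
    {
        // Assign with "=" instead of "+=". With "+=" the callbacks stack,
        // and the return value of the last one invoked decides the result,
        // so an accept-all callback registered elsewhere could still win.
        ServicePointManager.ServerCertificateValidationCallback =
            ValidateCertificate;
    }

    public static bool ValidateCertificate(object sender, X509Certificate cert,
        X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        // Normal case: the chain builds to a trusted root and the
        // certificate name matches the host.
        if (sslPolicyErrors == SslPolicyErrors.None)
            return true;

        // Exception path: the only error allowed is an untrusted chain
        // (for example a self-signed certificate). A name mismatch or a
        // missing certificate sets other flags and is rejected here.
        if (sslPolicyErrors != SslPolicyErrors.RemoteCertificateChainErrors
            || cert == null)
            return false;

        // Accept only the exact certificate that was pinned.
        // GetCertHashString() returns the SHA-1 thumbprint as hex.
        return string.Equals(cert.GetCertHashString(), PinnedThumbprint,
            StringComparison.OrdinalIgnoreCase);
    }
}
```

With the placeholder left unchanged, the exception path never matches, so only certificates that validate normally are accepted.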


Installed certificates expiring? Use X509KeyStorageFlags.PersistKeySet (see "What is the impact of PersistKeySet").

ssl certificate binding

bind a certificate

netsh http add sslcert ipport=<ipAddress>:<port> ^
    certhash={<certificateThumbprint>} appid={<someGuid>}

check current bindings

# all
netsh http show sslcert
# single ip/port
netsh http show sslcert ipport=<ipAddress>:<port>

remove binding

netsh http delete sslcert ipport=<ipAddress>:<port>


When attempting to bind, the following error might occur:

A specified logon session does not exist. It may already have been terminated.

This means a private key needs to be attached to the certificate prior to binding.


windows certificate store

Add certificate authority

Via administrator session

certutil -addstore "CA" .\SomeCertAuthority.pem

Add -f to force replace if the cert already exists