Hi everybody,

Questions are coming to me about how can work signalr with SSL. It’s so simple.

As a default, signalr selfhost under http procotol. You need to change this to https and 443 port. After this you need get the certificate hash.

Finding the CertHash

I mentioned the certhash below: To find the certhash, you need to find the certificate’s ThumbPrint which can be found in a couple of ways using:

  • The IIS Certificate Manager
  • The Windows Certificate Storage Manager

Using IIS to get Certificate Info

If IIS is installed the former is the easiest. Here you can easily see all installed certificates and this UI is also the easiest way to create local self-signed certificates.

To look up an existing certificate, simply bring up the IIS Management Console, go to the Machine node, then Server Certificates:

For every endpoint mapping you need to supply 3 values:

  • The ipport which identifies the ip and port
    Specified as ipport=0.0.0.0:8082 where the zeros mean all ip addresses on port 8082. Otherwise you can also specify a specific Ip Address.
  • The certhash which is the Certificate’s Thumbprint
    The certhash is the id that maps the certificate to the IP endpoint above.  You can find this hash by looking at the certificate in the Windows Certificate store. More on this in a minute.
  • An AppID which is fixed for HttpListener Hosting
    This value is static so always use appid={12345678-db90-4b66-8b01-88f7af2e36bf}

Before the install ssl cert check your ipport status with this on cmd :

netsh http show sslcert ipport=0.0.0.0:8082

If you don’t see any certificate, this is mean the port 8082 is available for install to certificate.

After this, type this on cmd :

netsh http add sslcert ipport=0.0.0.0:8082
           appid={12345678-db90-4b66-8b01-88f7af2e36bf} 
           certhash=yoursslcertificatehash

That’s it. Enjoy 🙂