{"type":"doc","content":[{"type":"paragraph","content":[{"text":"It is possible to run Kodiak OMS web services under ssl.","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Certificate","type":"text"}]},{"type":"paragraph","content":[{"text":"A supported and trusted ssl certificate must be availble on the server.","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Port registration example","type":"text"}]},{"type":"paragraph","content":[{"text":"This show how to register a certificate for ports. In our example we will be using 3 ports. 8091, 9091 and 5001.","type":"text"}]},{"type":"codeBlock","content":[{"text":"netsh http add sslcert ipport=0.0.0.0:8091 certhash=991ab4fb6080ce11d64ba60bea79f4f81a014bb0 appid={12345678-1234-1234-1234-123456789013}\nnetsh http add sslcert ipport=0.0.0.0:9091 certhash=991ab4fb6080ce11d64ba60bea79f4f81a014bb0 appid={12345678-1234-1234-1234-123456789013}\nnetsh http add sslcert ipport=0.0.0.0:5001 certhash=991ab4fb6080ce11d64ba60bea79f4f81a014bb0 appid={12345678-1234-1234-1234-123456789013}","type":"text"}]},{"type":"paragraph"},{"type":"heading","attrs":{"level":4},"content":[{"text":"Renewal/Removal","type":"text"}]},{"type":"paragraph","content":[{"text":"In case the certificate needs to be renewed or changed the old certificate needs to be removed","type":"text"}]},{"type":"codeBlock","content":[{"text":"netsh http delete sslcert ipport=0.0.0.0:8085","type":"text"}]},{"type":"paragraph"},{"type":"heading","attrs":{"level":4},"content":[{"text":"Kodiak Server","type":"text"}]},{"type":"paragraph","content":[{"text":"appSettings.config","type":"text"}]},{"type":"codeBlock","content":[{"text":"\n\n\n\n\n\n\n\n\n\n\n\n","type":"text"}]},{"type":"paragraph"},{"type":"paragraph","content":[{"text":"serviceModel.configuration","type":"text"}]},{"type":"paragraph","content":[{"text":"Behaviors","type":"text"}]},{"type":"codeBlock","content":[{"text":" \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n ","type":"text"}]},{"type":"paragraph"},{"type":"paragraph","content":[{"text":"Finding Certificates in the behavior.","type":"text"}]},{"type":"paragraph","content":[{"text":"It is possible to set the x509FindType to use different methods to find the certificate. Below are examples for subject name or thumbprint. Thumbprint values need to be changed when the certificate is renewed and the value changes. FindBySubjectName should be more resilient to such changes.","type":"text"}]},{"type":"paragraph"},{"type":"paragraph","content":[{"text":"FindByThumbprint","type":"text"}]},{"type":"paragraph","content":[{"text":" ","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"FindBySubjectName","type":"text"}]},{"type":"paragraph","content":[{"text":" ","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph"},{"type":"paragraph","content":[{"text":"Binding","type":"text"}]},{"type":"codeBlock","content":[{"text":"\n \n \n \n \n \n \n \n\n\n \n \n \n \n \n \n \n\n","type":"text"}]},{"type":"paragraph","content":[{"text":"Services","type":"text"}]},{"type":"codeBlock","content":[{"text":" \n \n \n \n \n \n \n \n ","type":"text"}]},{"type":"paragraph"},{"type":"heading","attrs":{"level":4},"content":[{"text":"Trade Report Server","type":"text"}]},{"type":"paragraph","content":[{"text":"To enable ssl for the Trade Report server a certificate thumbprint must be specified under TradeReportServerWebsocketCertificateThumbPrint. (Beware of hidden characters when pasting from certificate details window.)","type":"text"}]},{"type":"codeBlock","content":[{"text":" \n \n \n \n ...\n \n \n ","type":"text"}]},{"type":"paragraph"},{"type":"paragraph","content":[{"text":"Client","type":"text"}]},{"type":"codeBlock","content":[{"text":"...\n \n...\n \n \n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n ","type":"text"}]}],"version":1}

Browser not supported