NetSh Express Setup

The NetSh Express Setup helps you configure HTTP endpoints. This setup is available from any channel that requires an HTTP endpoint, for example the HTTP SMS channel and the HTTP API channel.

NetSh Express Setup

The NetSh Express Setup is used to configure the Windows operating system so you can securely and reliably accept HTTP calls. Find a more technical description of this wizard at the bottom of this page.

The following sections describe the configurable settings.

Certificate

If you select HTTPS in the previous screen of the NetSh Express Setup you need to select a certificate here. Every HTTPS connection requires a certificate that proves the identity of the server.

The certificate must be available in the My certificate store for the server user. The Server User field shows which user is used as the server context.

If the HTTP endpoint is used for internal access or testing, you can use a self signed certificate. In other cases you can use a commercial certificate or a Let’s Encrypt certificate.

You can also specify a certificate that is not in the list by using its thumbprint. You can find the thumbprint of a certificate by opening it in Microsoft Management Console (MMC), going to the Details tab, and locating the Thumbprint property.

Action

The default action is Auto configure HTTP bindings. You can click the green Play button to automatically configure the binding. This replaces any existing configuration.

Other options include Verify, which checks whether the existing configuration is correct, and Delete, which removes the existing configuration.

What actually happens

Whenever Auron Omni needs to set up an HTTP endpoint it uses the HTTP.sys engine. The HTTP.sys engine is built into Microsoft Windows Server and is the same engine used by Internet Information Services (IIS).

Since HTTP.sys is part of the Windows operating system, some configuration at OS level is required. This is normally done using the netsh command.

The NetSh Express Setup is a front end for the netsh command so you do not need to manually enter commands. After running the setup you can view the log file to see which commands were executed.

In the log file you will see two main operations:

NetSh http sslcert, which configures which certificate is used for the URL. This only runs when HTTPS is selected and a certificate is provided.

NetSh http urlacl, which configures the access control list for the URL.

The access control list defines which users or services are allowed to listen on a specific URL. This configuration is always required for a new HTTP endpoint.

HTTP.sys is the kernel mode component that listens for HTTP requests and forwards them to the channel. This is why ACL configuration is required, and it also enables advanced features such as port sharing. Port sharing allows multiple channels in Auron Omni to use the same port.