How can we help?

NetSh Express Setup


The NetSh Express Setup helps you configure HTTP end-points. This setup is available from any channel that may require you to setup an HTTP end-point. For example the HTTP SMS channel and the HTTP API channel.

NetSh Express Setup

NetSh Express Setup

The NetSh Express Setup is used to configure the Windows operating system so you can securely and reliably accept HTTP calls. Find a more technical description of this wizard near the bottom of this page.

The following sections describe the configurable settings.

Certificate

If you’ve selected ‘HTTPS’ in the screen before the NetSh Express setup you’ll need to select a certificate here. Every HTTPS connection requires a certificate that proofs that the server is what it claims to be.

The certificate should be in the ‘My’ certificate store for the server user. The ‘Server User’ text field shows which user will be the server user.

If the HTTP end-point is for internal user or testing it’s easy to setup a self-signed certificate. In other cases you can setup a commercial certificate or a let’s encrypt certificate.

Specify a certificate that’s not already in the list by its ‘thumb-print’. You can find the thumbprint of a certificate by double clicking on the certificate in the Microsoft Management Console (MMC). Next go to the ‘Details’ tab and find the ‘thumbprint’ property.

Action

The default action is to ‘Auto configure HTTP bindings’. You can click on the green ‘Play’ button to automatically configure your binding. The automatic configuration replaces any existing configuration.

Other options are ‘Verify … ‘ which tests if existing configuration is correct and ‘Delete …’ which clears the existing configuration.

What actually happens

Whenever the SMS Server requires to setup an HTTP end-point it uses the HTTP.sys engine. The HTTP.sys engine is built-in to Microsoft Server and it’s the same engine that powers Microsoft’s own web server (IIS).

Since the HTTP.sys engine is part of the Windows operating system you’ll need to do some configuration on the operating system level to use it. Normally you’ll use the built-in ‘netsh’ command for this.

The Auron NetSh Express setup is a front-end over the ‘NetSh’ command so you won’t have to remember or type in these commands. After running the NetSh Express setup you can view the log file and see which commands it ran.

In the log file you’ll see two things happening:

‘NetSh http … sslcert …’ which deals with configuring which certificate to use for your URL. This only happens if you have specified ‘HTTPS’ and a certificate to use.

‘NetSh http … urlacl …’ which deals with modifying the ACL (Access Control List) for your URL.

The access control list controls who can listen on which URL so this part of the configuration always needs to happen with a new HTTP end-point.

Basically it’s the HTTP.sys kernel module that actually listens for HTTP calls and passes them to the channel. This is why the ACL configuration is required but it’s also why really powerful features such as port-sharing are possible. Port-sharing is why with the SMS Server you can have multiple channels listening on the same port.