HTTPSecure

If HTTPSecure will be used, on the G-Scope on which the G-Server is running, the SSL/TLS certificate must be installed and signed. The signature can be added manually (Signing an SSL Certificate or by using a batch file (Signing an SSL Certificate with the TOOL GCoreWeb_RegisterSSLCerificate.bat). Signing using a batch file is recommended.

Call up explicitly with https//:IP address!

Installing an SSL/TLS Certificate in Windows

Open the Certification Manager: Press Window Key + R and in the dialog box enter certlm.msc. Confirm with OK. (Alternatively: Click Start with the mouse and then under run, enter certlm.msc and press return.)

You should see this window:

In the toolbar, click Action, then All Tasks, then Import….

Choose, if possible, Local Computer in the first step as the destination.

The dialog asks for the path and name of the certificate. You can use Search… to look for the certificate. When searching, make sure that the correct file extension is selected, otherwise the certificate will not appear. Then confirm with Next.

Now the password must be entered to unlock the private key of the certificate. The option Include all extended properties must be enabled.

Optionally: The option Enable strong private key protection… when the private key should not be made available to everyone when re-using the certificate.

At the end, the folder must be selected where the certificate will be saved. Place all certificates in the following store should be selected. By default, My certificates is then entered. If this is not the case, it should be modified accordingly.

Click Finish to complete the installation. The certificate should now be shown in the Certificate Manager under My Certificates/Certificates.

Signing an SSL Certificate

Under My Certificates/Certificates (see above under Installation), double click the certificate to be signed. The Properties window of the certificate opens.

In the tab Details click on the entry Thumbprint and copy the HEX number series from the lower window.

Save the HEX values in a text editor and remove all spaces between the HEX values.

The console window must now be opened (C:\Windows\system32\cmd.exe Run as administrator) and the following command entered. During this process the certhash value must be replaced by the value that you saved and edited.

Press the Enter key to sign the certificate:

netsh http add sslcert ipport=0.0.0.0:443 certhash=‎0000000000000000000000000000000000000000 appid={712446fe-eff0-4905-a993-2df8b9f801ee}

Note: The appid is from G-Web and therefore must not be changed.

Signing an SSL Certificate with the TOOL GCoreWeb_RegisterSSLCerificate.bat

Open the file GCoreWeb_RegisterSSLCerificate.bat as an administrator. To register a certificate, press 1.

Then specify the desired port (for HTTPS this is 443 by default) and proceed by pressing the Enter key.

The program now asks for the thumbprint of the certificate. To obtain it, GCoreWeb_RegisterSSLCerificate.bat automatically opens the Windows Certificate Manager.

Under My Certificates/Certificates (see above under Installation), double click the certificate to be signed. The Properties window of the certificate opens.

In the tab Details click on the entry Thumbprint and copy the HEX number series from the lower window.

Now paste the copied HEX values in GCoreWeb_RegisterSSLCerificate.bat.

Before continuing by pressing the Enter key, all spaces between the HEX numbers (and if it is present, the ? at the start of the string) must be removed.

Then press the Enter key. The certificate should now be signed and a message appears stating that the operation was successful.