“The parameter is incorrect.” error using netsh http add sslcert

Question

Following the instructions on \"How to: Configure a Port with an SSL Certificate\" in this link: http://msdn.microsoft.com/en-us/library/ms733791.aspx, I entered this comman

Answer 1

Sir, you have ipport: rather than ipport= which is easy to do since you follow that with ip:port

Also, watch out for the { versus < or (, that has also gotten me in the past.

Answer 2

The "-"s are NOT irrelevant. If your guid doesnt look exactly like this you will get the incorrect parameter error: {EDE3C891-306C-40fe-BAD4-895B236A1CC8} vs. EDE3C891306C40feBAD4895B236A1CC8 -> WRONG {EDE3C891306C40feBAD4895B236A1CC8} -> WRONG

Also Im using the guid for the appid of the IIS, not a random one.

Answer 3

1. Copy the command into notepad
2. Save it as ANSI
3. Close and reopen the file
4. Remove bogus ? characters
5. Copy from notepad to the command prompt and run the command

Answer 4

I ran across this question while looking for a solution to the problem. I finally found one that worked for me.

My certhash parameter wasn't fully 20 bytes long. I had to pad it with zeroes in front to get it to work.

So, instead of

certhash=112233445566778899aabbccddeeff00, I had to do this:

certhash=00000000112233445566778899aabbccddeeff00.

Hope this helps.

Answer 5

It could be useful to add my resolution in this thread :

I was trying to add an ippport with the hostnameport parameter so I got this parameter error.

netsh http add sslcert hostnameport="10.0.0.120:443"

Instead of :

netsh http add sslcert ipport="10.0.0.120:443"

Cya !

Answer 6

This will work from the PowerShell commadline:

$AppId = [Guid]::NewGuid().Guid
$Hash = "209966E2BEDA57E3DB74FD4B1E7266F43EB7B56D"

netsh http add sslcert hostname=localhost:8088 certhash=$Hash appid=`{$AppId`} certstorename my

The important details are to escape each { } with a backtick (`) and not to omit certstorename. Otherwise netsh raises an error 87.

The variables are just for sake of convenience.