I wish to bind a self-signed certificate to a port for developing my self-hosted WCF application, but I always fail.
Steps I've done:

1. Created the root certificate:
   makecert.exe -a SHA256 -n "CN=DemoCA" -r -sv TempDemoCA.pvk TempDemoCA.cer
2. Created the client cert:
   makecert.exe -a SHA256 -sk Demo -iv TempDemoCA.pvk -n "CN=DemoTempCert" -ic TempDemoCA.cer DemoTemp.cer -sr currentuser -ss My -sky exchange
3. Imported the root cert with mmc.exe (as Administrator) into local computer certificates.
4. Imported the client cert with mmc.exe into local computer certificates.
5. Added the private key to the client cert, because it didn't have the key icon:
   certutil -repairstore my "MyKeyHash"
6. Added a firewall entry:
   netsh http add urlacl url=https://+:9003/ user=domain\user listen=yes
7. Tried to bind the certificate to the port (as admin):
   netsh http add sslcert ipport=0.0.0.0:9003 certhash=MyCertHash appid={NewGuid} clientcertnegotiation=enable

But step 7 failed with error 1312.

   SSL Certificate add failed, Error 1312
   A specified logon session does not exist. It may already have been terminated.
All I found out by googling doesn't solve my problem, e.g.:
- import via mmc and not certmgr.msc
- create a new certificate
- KB Hotfix
Interesting fact: binding the existing "localhost" client certificate to a port works fine.
What am I doing wrong? Thanks in advance.
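
A pre-flight check for step 7, added here as an example and not part of the original post: http.sys takes the server certificate and its private key from the local computer store, so this script reports where the certificate with a given thumbprint lives and whether its key can be opened there. The function name Test-SslBindingCandidate and the parameter names are hypothetical; the port comes from the post.

```powershell
# Added example (not from the original post): pre-flight check for step 7.
# Run elevated. -Thumbprint is the value you would pass as certhash=.
param(
    [Parameter(Mandatory)] [string]$Thumbprint,
    [string]$IpPort = '0.0.0.0:9003'   # ipport value used in the post
)

function Test-SslBindingCandidate {
    param([string]$Thumbprint)

    # Thumbprints copied from the MMC dialog can carry spaces or invisible
    # characters; keep hex digits only and require a full SHA-1 thumbprint.
    $clean = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
    if ($clean.Length -ne 40) { throw "Expected 40 hex digits, got $($clean.Length)." }

    $machine = Get-Item "Cert:\LocalMachine\My\$clean" -ErrorAction SilentlyContinue
    $user    = Get-Item "Cert:\CurrentUser\My\$clean"  -ErrorAction SilentlyContinue

    $readable = $false
    if ($machine -and $machine.HasPrivateKey) {
        try {
            # Returns $null or throws if the key container cannot be opened.
            $key = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($machine)
            $readable = $null -ne $key
        } catch { $readable = $false }
    }

    # Is a certificate with the issuer's subject name in the machine root store?
    $issuerTrusted = $false
    if ($machine) {
        $issuerTrusted = [bool](Get-ChildItem Cert:\LocalMachine\Root |
            Where-Object { $_.Subject -eq $machine.Issuer })
    }

    [pscustomobject]@{
        Thumbprint          = $clean
        InLocalMachineMy    = [bool]$machine
        InCurrentUserMy     = [bool]$user
        HasPrivateKey       = [bool]($machine -and $machine.HasPrivateKey)
        PrivateKeyReadable  = $readable
        IssuerInMachineRoot = $issuerTrusted
    }
}

$check = Test-SslBindingCandidate -Thumbprint $Thumbprint
$check | Format-List
if (-not ($check.InLocalMachineMy -and $check.PrivateKeyReadable)) {
    Write-Warning 'Certificate or its private key is not usable from LocalMachine\My.'
}
netsh http show sslcert ipport=$IpPort   # show what is already bound there
```

A result with InCurrentUserMy true and PrivateKeyReadable false means the key stayed in the user profile while only the public certificate reached the local computer store.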