Advanced Installation TopicsSelf-Signed SSL for NAS

Self-Signed SSL for NAS

Sana Commerce 8.3
Your provider

Configure ACL and NAS Port (WS 2008)

The commands in this chapter are applicable if you are running on Windows Server 2008.

To configure Access Control List and Microsoft Dynamics NAS service port:

Step 1: Delete any entries that use the same port as NAS. To do this, execute the following command:

netsh http delete urlacl url=http://+:6050/navision/

Step 2: Check the URL reservation. Execute the following command:

netsh http show urlacl

Step 3: Register the port for the NAS with https. Execute the following command:

netsh http add urlacl url=https://+:6050/navision/ user=USERNAME
Specify the user name of the service account for NAS. If the service account for NAS is Network Service, then use "NT AUTHORITY\NETWORK SERVICE".

Step 4: To verify that your port has been registered, execute the following command:

netsh http show urlacl

Step 5: Determine certhash and appid of the certificate. Execute the following command:

certutil -store "My" "0.0.0.0"
Substitute the subject's certificate name ("0.0.0.0") with the external server IP address.

After executing the command you will see the certificate details. Copy the Cert Hash into any text editor without any spaces.

Step 6: Bind an SSL certificate to the NAS port. Execute the following command:

netsh http add sslcert ipport=0.0.0.0:6050 certhash=14d8442f6703709002d825de36c47769cc6cb6b4 appid={12c1ee1b-a83f-40bc-badb-798f4be9802d}

Substitute the following options with the proper values:

Option Description
ipaddress The IP address that can use NAS. You can use 0.0.0.0 to include all IP addresses.
port The port that is used by NAS.
certhash The certificate thumbprint that you pasted to the text editor previously.
appid A 32-digit hexadecimal number that identifies the Microsoft Dynamics NAV application. The id must be in the format {NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN}. If you do not know the appid, then use any value, such as {00112233-4455-6677-8899-AABBCCDDEEFF}.

Step 7: To verify the SSL certificate binding, execute the following command:

netsh http show ssl

Step 8: Restart NAS service.

Advanced Installation TopicsSelf-Signed SSL for NAS