Self-hosting using SSL and WCF - can't bind certificate to port

Question

I have a WCF service that I want to access using SSL. I'm on my developer machine, so I was thinking of self-hosting the service. I've been following Configuring HTTP and HTTPS.

I've created a self-signed certificate which I added to the Trusted Root Certification Authorities. I've created another two certificates signed by the first one, one for the client and the other for the server. I followed Using makecert to create certificates for development.

I can't get past the SSL certificates configuration step. When I'm binding the certificate to the port number using netsh it throws an SSL error:

Certificate add failed, Error: 1312 A specified logon session does not exist. It may already have been terminated.

Does the certificate need some special field or some other thing for this to work?

CA certificate:

makecert -n "CN=TestCA" -cy authority -a sha1 -sv "TestCA.pvk" -r "TEST_CA.cer"

Service certificate:

makecert -n "CN=rneapp.com" -ic "TEST_CA.cer"  -iv "TestCA.pvk" -a sha1 -sky exchange -pe -sv "rneapp.com.pvk" "rneapp.com.cer"

Client certificate:

makecert -n "CN=rneClient" -ic "TEST_CA.cer"  -iv "TestCA.pvk" -a sha1 -sky exchange -pe -sv "rneClient.pvk" "rneClient.cer"

I'm using this command to bind the certificate to the port:

netsh http add sslcert ipport=0.0.0.0:8465 certhash=a853f3b5b48b8a506bdc4212ba2726a3bfea2bb6 appid={2E53B9B0-17AE-4EBC-A1AE-43D53A6FD07D} clientcertnegotiation=enable

Answer 1

When I encountered the same issue, moving the certificate from Current User to Local Computer storage helped, so try checking your certificate storage.

Built-in help for netsh http add sslcert also mentions this with regard to certstorename option:

        certstorename           - Store name for the certificate. Defaults
                                  to MY. Certificate must be stored in the
                                  local machine context.