How to configure IIS Express in order to allow a non-administrator to use SSL ports outside the range of 44300 to 44399?

Question

According to the IIS Express documentation administrative privileges are needed to run SSL using a port outside the range of 44300 to 44399.

For non-administrative users IIS Express

configures HTTP.SYS to reserve ports 44300 through 44399 for SSL
associates incoming SSL localhost requests in that range with a pre-installed self-signed SSL certificate

Is there a way to enable non-administrative users to run SSL on IIS-Express using a port outside the range of 44300 to 44399?

E.g. can I use netsh http add urlacl to open up SSL ports outside the range of 44300 to 44399 for user=EVERYONE ? E.g. can I use netsh http add sslcert to add the self-signed certicate to ports outside the range of 44300 to 44399 ?

Lex Li · Accepted Answer · 2020-06-04T14:20:45.060

1

IIS Express installer creates several IP based bindings in Windows HTTP API, and that's why 44300-44399 has been enabled by default.

You can feel free to create more such bindings (via netsh http add sslcert command), but creation of them requires administrator permissions.

Reference

netsh http add urlacl is not needed, as it serves other purposes.

edited Jun 04 '20 at 14:20

answered Jun 04 '20 at 14:09

Lex Li

912
6
10

How to configure IIS Express in order to allow a non-administrator to use SSL ports outside the range of 44300 to 44399?

1 Answers1