Windows 10 netsh http command

Microsoft Windows [Version 10.0.19045.3570]
(c) Microsoft Corporation. C:\Windows>netsh http ? The following commands are available: Commands in this context: ? - Displays a list of commands. add - Adds a configuration entry to a table. delete - Deletes a configuration entry from a table. dump - Displays a configuration script. flush - Flushes internal data. help - Displays a list of commands. show - Displays information. update - Updates a configuration entry to a table. To view help for a command, type the command, followed by a space, and then type ?.

Adds a configuration entry to a table.

netsh http add


C:\Windows>netsh http add ?

The following commands are available:

Commands in this context:
add cacheparam - Adds an HTTP service cache parameter
add iplisten   - Adds an IP address to the IP listen list. 
add setting    - Adds a global setting to the service.
add sslcert    - Adds an SSL server certificate binding.
add timeout    - Adds a global timeout to the service.
add urlacl     - Adds an URL reservation entry. 

Adds an HTTP service cache parameter

netsh http add cacheparam


C:\Windows>netsh http add cacheparam ?
                                  
Usage: add cacheparam [type=]cacherangechunksize|maxcacheresponsesize 
             [value=]<ulong>                                
 
Parameters: 
 
        Tag                       Value                       
        type                    - Type of parameter for setting. 
        value                   - Value (in bytes). If value is in 
                                  hex, then add the prefix 0x.         
                                                                             
Remarks: Adds HTTP service cache parameter.                        

Examples: 
 
        add cacheparam type=maxcacheresponsesize value=524288 
        add cacheparam type=cacherangechunksize value=131072 

Adds an IP address to the IP listen list.

netsh http add iplisten


C:\Windows>netsh http add iplisten ?
                                            
Usage: add iplisten [ipaddress=]<IP address>                                        
                                                                             
Parameters: 
                                                                             
    Tag       Value                                                          
    ipaddress - The IPv4 or IPv6 address to be added to the IP listen list.  
                                                                             
Remarks: Adds a new IP address to the IP listen list. This does not include 
         the port number. The IP listen list is used to scope the list of 
         addresses to which the HTTP service binds. "0.0.0.0" means any 
         IPv4 address and "::" means any IPv6 address.                   
                                                                             
Examples: 
                                                                             
         add iplisten ipaddress=fe80::1                                             
         add iplisten ipaddress=1.1.1.1                                             
         add iplisten ipaddress=0.0.0.0                                             
         add iplisten ipaddress=::                                                

Adds a global setting to the service.

netsh http add setting


C:\Windows>netsh http add setting ?
                                  
Usage: add setting [settingtype=]sslthrottle                        
             [value=]<ulong>                                  
 
Parameters: 
 
        Tag                       Value                       
        settingtype             - Type of the setting. 
        value                   - Value of the setting. If value is in 
                                  hex, then add the prefix 0x.         
                                                                             
Remarks: Adds a global setting to the service.                        

Examples: 
 
        add setting settingtype=sslthrottle value=1000 

Adds an SSL server certificate binding.

netsh http add sslcert


C:\Windows>netsh http add sslcert ?

Usage: add sslcert hostnameport=<name:port> | ipport=<ipaddr:port> | ccs=<port>
	appid=<GUID>
	[certhash=<string>]
	[certstorename=<string>]
	[verifyclientcertrevocation=enable|disable]
	[verifyrevocationwithcachedclientcertonly=enable|disable]
	[usagecheck=enable|disable]
	[revocationfreshnesstime=<u-int>]
	[urlretrievaltimeout=<u-int>]
	[sslctlidentifier=<string>]
	[sslctlstorename=<string>]
	[dsmapperusage=enable|disable]
	[clientcertnegotiation=enable|disable]
	[reject=enable|disable]
	[disablehttp2=enable|disable]
	[disablequic=enable|disable]
	[disablelegacytls=enable|disable]
	[disabletls12=enable|disable]
	[disabletls13=enable|disable]
	[disableocspstapling=enable|disable]
	[enabletokenbinding=enable|disable]
	[logextendedevents=enable|disable]
	[enablesessionticket=enable|disable]

Parameters: 
	Tag: Value
	ipport: IP address and port for the binding.
	hostnameport: Unicode hostname and port for binding.
	ccs: Central Certificate Store binding.
	certhash: The SHA hash of the certificate. This hash is 20 bytes long and specified as a hex string.
	appid: GUID to identify the owning application.
	certstorename: Store name for the certificate. Required for Hostname based configurations. Defaults to MY
		for IP based configurations. Certificate must be stored in the local machine context.
	verifyclientcertrevocation: Turns on/off verification of revocation of client certificates.
	verifyrevocationwithcachedclientcertonly: Turns on/off usage of only cached client certificate for revocation
		checking.
	usagecheck: Turns on/off usage check. Default is enabled.
	revocationfreshnesstime: Time interval to check for an updated certificate revocation list (CRL). If this
		value is 0, then the new CRL is updated only if the previous one expires (in seconds).
	urlretrievaltimeout: Timeout on attempt to retrieve certificate revocation list for the remote URL (in
		milliseconds).
	sslctlidentifier: List the certificate issuers that can be trusted. This list can be a subset of the
		certificate issuers that are trusted by the machine.
	sslctlstorename: Store name under LOCAL_MACHINE where SslCtlIdentifier is stored.
	dsmapperusage: Turns on/off DS mappers. Default is disabled.
	clientcertnegotiation: Turns on/off negotiation of certificate. Default is disabled.
	reject: When enabled, any new matching connection is immediately dropped.
	disablehttp2: When set, HTTP2 is disabled for new matching connections immediately.
	disablequic: When set, QUIC is disabled for new matching connections immediately.
	disablelegacytls: When set, legacy versions of TLS are disabled.
	disabletls12: When set, TLS1.2 is disabled for new matching connections immediately.
	disabletls13: When set, TLS1.3 is disabled for new matching connections immediately.
	disableocspstapling: When set, OCSP stapling is disabled for new matching connections immediately.
	enabletokenbinding: When set, token binding is enabled for new connections immediately.
	logextendedevents: When set, additional events useful for debugging are logged.
	enablesessionticket: When set, TLS session resumption is enabled.

Remarks: Adds an SSL server certificate binding and corresponding client certificate policies for an IP address
or hostname and a port.

Examples: 

 add sslcert ipport=1.1.1.1:443 certhash=0102030405060708090A appid={00112233-4455-6677-8899-AABBCCDDEEFF}
 add sslcert hostnameport=www.contoso.com:443 certhash=0102030405060708090A appid={00112233-4455-6677-8899-AABBCCDDEEFF} certstorename=MY
 add sslcert scopedccs=www.contoso.com:443 appid={00112233-4455-6677-8899-AABBCCDDEEFF}
 add sslcert ccs=443 appid={00112233-4455-6677-8899-AABBCCDDEEFF}

Adds a global timeout to the service.

netsh http add timeout


C:\Windows>netsh http add timeout ?
                                  
Usage: add timeout [timeouttype=]idleconnectiontimeout|headerwaittimeout 
             [value=]<u-short>                                
 
Parameters: 
 
        Tag                       Value                       
        timeouttype             - Type of timeout for setting. 
        value                   - Value of the timeout (in seconds). If value is in 
                                  hex, then add the prefix 0x.         
                                                                             
Remarks: Adds a global timeout to the service.                        

Examples: 
 
        add timeout timeouttype=idleconnectiontimeout value=120 
        add timeout timeouttype=headerwaittimeout value=0x40 

Adds an URL reservation entry.

netsh http add urlacl


C:\Windows>netsh http add urlacl ?
                               
Usage: add urlacl [url=]<string> 
             [ [user=]<string> 
                               [ [listen=]yes|no [delegate=]yes|no ] 
               |  
               [sddl=]<string> 
             ]
                                                     
Parameters: 
                                                          
    Tag        Value                                        
    url      - The fully qualified URL 
    user     - The user or user-group name 
    listen   - One of the following values: 
               yes: Allow the user to register URLs. This is the Default value. 
               no: Deny the user from registering URLs 
    delegate - One of the following values: 
               yes: Allow the user to delegate URLs 
               no: Deny the user from delegating URLs. This is the default value. 
    sddl     - SDDL string that describes the DACL 
                                                          
Remarks: This command reserves the URL for non-administrator users and 
         accounts. The DACL can be specified by using an NT account name 
         with the listen and delegate parameters or by using an SDDL string. 
                                                                      
Example: 
                                                          
         add urlacl url=http://+:80/MyUri user=DOMAIN\user 
         add urlacl url=http://www.contoso.com:80/MyUri user=DOMAIN\user listen=yes 
         add urlacl url=http://www.contoso.com:80/MyUri user=DOMAIN\user delegate=no 
         add urlacl url=http://+:80/MyUri sddl=... 

Deletes a configuration entry from a table.

netsh http delete


C:\Windows>netsh http delete ?

The following commands are available:

Commands in this context:
delete cache   - Deletes entries from the HTTP service kernel URI cache.
delete iplisten - Deletes an IP address from the IP listen list. 
delete setting - Deletes a global setting. 
delete sslcert - Deletes SSL certificate bindings.
delete timeout - Deletes a global timeout. 
delete urlacl  - Deletes a URL reservation. 

Deletes entries from the HTTP service kernel URI cache.

netsh http delete cache


C:\Windows>netsh http delete cache ?
                                 
Usage: delete cache [[url=]<string> [[recursive=]yes|no]]]           
                                                              
Parameters: 
                                                              
    Tag         Value                                         
    url       - Fully qualified URL.                          
    recursive - If yes, removes all entries under the specified url 
                                                              
Remarks: This command flushes the entire URI cache or deletes entries per specified URI. 
                                                              
Examples: 
      delete cache url=http://www.contoso.com:80/myresource/ recursive=yes 
      delete cache                                                   

Deletes an IP address from the IP listen list.

netsh http delete iplisten


C:\Windows>netsh http delete iplisten ?
                                         
Usage: delete iplisten [ipaddress=]<IP address>                                        
                                                                             
Parameters: 
                                                                             
    Tag       Value                                                          
    ipaddress - The IPv4 or IPv6 address to be deleted from the IP Listen 
                list. This does not include the port number. 
                                                                             
Remarks: Deletes an IP address from the IP listen list. The IP listen list   
         is used to scope the list of addresses to which the HTTP service    
         binds.                                                              
                                                                             
Examples: 
                                                                             
         delete iplisten ipaddress=fe80::1                                             
         delete iplisten ipaddress=1.1.1.1                                             
         delete iplisten ipaddress=0.0.0.0                                             
         delete iplisten ipaddress=::                                                  

Deletes a global setting.

netsh http delete setting


C:\Windows>netsh http delete setting ?
                                       
Usage: delete setting [settingtype=]sslthrottle                                
                                                                      
Parameters: 
 
        Tag                       Value                               
        settingtype             - Type of the setting.                
 
Remarks: deletes a global setting and makes the service revert to default 
         values.                                                      
 
Examples: 
                                                                      
        delete setting settingtype=sslthrottle                                 

Deletes SSL certificate bindings.

netsh http delete sslcert


C:\Windows>netsh http delete sslcert ?
 
Usage: delete sslcert ipport=<ipaddr:port> | hostnameport=<name:port> | ccs=<port> 
 
Parameters: 
 
    Tag             Value 
    ipport -       The IPv4 or IPv6 address and port for which 
                   the SSL certificate bindings will be deleted. 
    hostnameport - The hostname and port for which the SSL 
                   certificate binding will be deleted. When a 
                   wildcard binding is deleted, all bindings 
                   auto-generated from the wildcard binding will 
                   also get deleted.
    ccs -          The Central Certificate Store binding to delete. This 
                   will cause the system to internally purge all cached 
                   bindings that were derived from this binding. 
 
Remarks: Deletes SSL server certificate bindings and corresponding client 
         certificate policies.   
 
Examples: 
 
         delete sslcert ipport=1.1.1.1:443 
         delete sslcert ipport=0.0.0.0:443 
         delete sslcert ipport=[::]:443 
         delete sslcert hostnameport=www.contoso.com:443 
         delete sslcert scopedccs=www.contoso.com:443
         delete sslcert ccs=443 

Deletes a global timeout.

netsh http delete timeout


C:\Windows>netsh http delete timeout ?
                                       
Usage: delete timeout [timeouttype=]idleconnectiontimeout|headerwaittimeout    
                                                                      
Parameters: 
 
        Tag                       Value                               
        timeouttype             - Type of timeout for setting.        
 
Remarks: deletes a global timeout and makes the service revert to default 
         values.                                                      
 
Examples: 
                                                                      
        delete timeout timeouttype=idleconnectiontimeout                       
        delete timeout timeouttype=headerwaittimeout                           

Deletes a URL reservation.

netsh http delete urlacl


C:\Windows>netsh http delete urlacl ?
                             
Usage: delete urlacl [url=]<string>                               
                                                          
Parameters: 
                                                          
    Tag     Value 
    url  -  The fully qualified URL to be deleted.   
                                                          
Remarks: This command deletes a reserved URL.             
                                                          
Examples: 
                                                          
         delete urlacl url=http://+:80/MyUri                      
         delete urlacl url=http://www.contoso.com:80/MyUri         

Displays a configuration script.

netsh http dump


C:\Windows>netsh http dump ?

Usage: dump

Remarks: 
    Creates a script that contains the current configuration.  If saved to a
    file, this script can be used to restore altered configuration settings.

Flushes internal data.

netsh http flush


C:\Windows>netsh http flush ?

The following commands are available:

Commands in this context:
flush logbuffer - Flushes the internal buffers for the log files.

Flushes the internal buffers for the log files.

netsh http flush logbuffer


C:\Windows>netsh http flush logbuffer ?
                                 
Usage: flush logbuffer                                                  
                                                              
Remarks: This commands flushes the internal buffers for the log files. 
                                                              
Examples: 
      flush logbuffer                                                   

Displays a list of commands.

netsh http help


C:\Windows>netsh http help ?

Usage: help

Remarks: 
       Displays a list of commands.

Displays information.

netsh http show


C:\Windows>netsh http show ?

The following commands are available:

Commands in this context:
show cacheparam - Shows the cache parameters of HTTP service .
show cachestate - Lists cached URI resources and their associated properties.
show iplisten  - Displays all the IP addresses in the IP listen list.
show servicestate - Shows a snapshot of the HTTP service.
show setting   - Shows the setting values of the service.
show sslcert   - Displays SSL certificate bindings. 
show timeout   - Shows the timeout values of the service.
show urlacl    - Displays URL namespace reservations. 

Shows the cache parameters of HTTP service .

netsh http show cacheparam


C:\Windows>netsh http show cacheparam ?
                                         
Usage: show cacheparam                                                          
 
Remarks: Shows the cache parameters of HTTP service (in bytes) .        
                                                                      
Examples: 
      show cacheparam                                                           

Lists cached URI resources and their associated properties.

netsh http show cachestate


C:\Windows>netsh http show cachestate ?
                             
Usage: show cachestate [[url=]<string>]                                 
                                                              
Parameters: 
                                                              
    Tag       Value                                           
    url   -   Fully qualified URL. If unspecified, implies all
              URLs. The URL could also be a prefix to registered URLs 
                                                              
Remarks: This command lists all resources and their associated properties 
         that are cached in HTTP response cache or displays a single 
         resource and its associated properties.              
                                                              
Examples: 
      show cachestate url=http://www.contoso.com:80/myresource           
      show cachestate                                                   

Displays all the IP addresses in the IP listen list.

netsh http show iplisten


C:\Windows>netsh http show iplisten ?
                        
Usage: show iplisten                                              
                                                          
Remarks: Lists all IP addresses in the IP listen list. The IP listen list 
         is used to scope the list of addresses to which the HTTP service 
         binds. "0.0.0.0" means any IPv4 address and "::" means 
         any IPv6 address.                                

Shows a snapshot of the HTTP service.

netsh http show servicestate


C:\Windows>netsh http show servicestate ?
                           
Usage: show servicestate [[view=]session|requestq] [[verbose=]yes|no]     
                                                              
Parameters: 
                                                              
    Tag       Value                                           
    view   -  View snapshot of HTTP service state based on server 
              session or request queues.                      
    verbose - View verbose information showing property information too. 
                                                              
Remarks: Shows a snapshot of the HTTP service. 
 
Examples: 
      show servicestate view="session"                                  
      show servicestate view="requestq"                                 

Shows the setting values of the service.

netsh http show setting


C:\Windows>netsh http show setting ?
                                         
Usage: show setting                                                          
 
Remarks: Shows the setting values of the service (in seconds).        
                                                                      
Examples: 
      show setting                                                           

Displays SSL certificate bindings.

netsh http show sslcert


C:\Windows>netsh http show sslcert ?
 
Usage: show sslcert ipport=<ipaddr:port> | hostnameport=<name:port> | ccs=<port> 
 
Parameters: 
 
    Tag             Value 
    ipport -        The IPv4 or IPv6 address and port for which the SSL 
                    certificate bindings will be displayed. 
    hostnameport -  The hostname and port for which the SSL 
                    certificate bindings will be displayed. 
    ccs -           The Central Certificate Store binding to display. 
 
Remarks: Lists SSL server certificate bindings and corresponding client 
         certificate policies. Not providing a specification causes all 
         bindings to be displayed. 
 
Examples: 
 
         show sslcert ipport=[fe80::1]:443 
         show sslcert ipport=1.1.1.1:443 
         show sslcert ipport=0.0.0.0:443 
         show sslcert ipport=[::]:443 
         show sslcert hostnameport=www.contoso.com:443 
         show sslcert scopedccs=www.contoso.com:443
         show sslcert ccs=443 
         show sslcert 

Shows the timeout values of the service.

netsh http show timeout


C:\Windows>netsh http show timeout ?
                                         
Usage: show timeout                                                          
 
Remarks: Shows the timeout values of the service (in seconds).        
                                                                      
Examples: 
      show timeout                                                           

Displays URL namespace reservations.

netsh http show urlacl


C:\Windows>netsh http show urlacl ?
                              
Usage: show urlacl [url=]<string>                               
                                                          
Parameters: 
                                                          
    Tag     Value 
    url  -  The fully qualified URL. If unspecified, implies all URLs.   
                                                          
Remarks: This command lists DACLs for the specified reserved URL or all 
         reserved URLs.                                   
 
Example: 
                                                          
         show urlacl url=http://+:80/MyUri                      
         show urlacl url=http://www.contoso.com:80/MyUri         
         show urlacl 

Updates a configuration entry to a table.

netsh http update


C:\Windows>netsh http update ?

The following commands are available:

Commands in this context:
update sslcert - Updates an existing SSL server certificate binding.
update sslpropertyex - Updates the extended properties of an existing SSL server certificate binding. 

Updates an existing SSL server certificate binding.

netsh http update sslcert


C:\Windows>netsh http update sslcert ?

Usage: update sslcert hostnameport=<name:port> | ipport=<ipaddr:port> | ccs=<port>
	appid=<GUID>
	[certhash=<string>]
	[certstorename=<string>]
	[verifyclientcertrevocation=enable|disable]
	[verifyrevocationwithcachedclientcertonly=enable|disable]
	[usagecheck=enable|disable]
	[revocationfreshnesstime=<u-int>]
	[urlretrievaltimeout=<u-int>]
	[sslctlidentifier=<string>]
	[sslctlstorename=<string>]
	[dsmapperusage=enable|disable]
	[clientcertnegotiation=enable|disable]
	[reject=enable|disable]
	[disablehttp2=enable|disable]
	[disablequic=enable|disable]
	[disablelegacytls=enable|disable]
	[disabletls12=enable|disable]
	[disabletls13=enable|disable]
	[disableocspstapling=enable|disable]
	[enabletokenbinding=enable|disable]
	[logextendedevents=enable|disable]
	[enablesessionticket=enable|disable]

Parameters: 
	Tag: Value
	ipport: IP address and port for the binding.
	hostnameport: Unicode hostname and port for binding.
	ccs: Central Certificate Store binding.
	certhash: The SHA hash of the certificate. This hash is 20 bytes long and specified as a hex string.
	appid: GUID to identify the owning application.
	certstorename: Store name for the certificate. Required for Hostname based configurations. Defaults to MY
		for IP based configurations. Certificate must be stored in the local machine context.
	verifyclientcertrevocation: Turns on/off verification of revocation of client certificates.
	verifyrevocationwithcachedclientcertonly: Turns on/off usage of only cached client certificate for revocation
		checking.
	usagecheck: Turns on/off usage check. Default is enabled.
	revocationfreshnesstime: Time interval to check for an updated certificate revocation list (CRL). If this
		value is 0, then the new CRL is updated only if the previous one expires (in seconds).
	urlretrievaltimeout: Timeout on attempt to retrieve certificate revocation list for the remote URL (in
		milliseconds).
	sslctlidentifier: List the certificate issuers that can be trusted. This list can be a subset of the
		certificate issuers that are trusted by the machine.
	sslctlstorename: Store name under LOCAL_MACHINE where SslCtlIdentifier is stored.
	dsmapperusage: Turns on/off DS mappers. Default is disabled.
	clientcertnegotiation: Turns on/off negotiation of certificate. Default is disabled.
	reject: When enabled, any new matching connection is immediately dropped.
	disablehttp2: When set, HTTP2 is disabled for new matching connections immediately.
	disablequic: When set, QUIC is disabled for new matching connections immediately.
	disablelegacytls: When set, legacy versions of TLS are disabled.
	disabletls12: When set, TLS1.2 is disabled for new matching connections immediately.
	disabletls13: When set, TLS1.3 is disabled for new matching connections immediately.
	disableocspstapling: When set, OCSP stapling is disabled for new matching connections immediately.
	enabletokenbinding: When set, token binding is enabled for new connections immediately.
	logextendedevents: When set, additional events useful for debugging are logged.
	enablesessionticket: When set, TLS session resumption is enabled.

Remarks: Updates an SSL server certificate binding and corresponding client certificate policies for an IP address
or hostname and a port.

Examples: 

 update sslcert ipport=1.1.1.1:443 certhash=0102030405060708090A appid={00112233-4455-6677-8899-AABBCCDDEEFF}
 update sslcert hostnameport=www.contoso.com:443 certhash=0102030405060708090A appid={00112233-4455-6677-8899-AABBCCDDEEFF} certstorename=MY
 update sslcert scopedccs=www.contoso.com:443 appid={00112233-4455-6677-8899-AABBCCDDEEFF}
 update sslcert ccs=443 appid={00112233-4455-6677-8899-AABBCCDDEEFF}

Updates the extended properties of an existing SSL server certificate binding.

netsh http update sslpropertyex


C:\Windows>netsh http update sslpropertyex ?
 
Usage: update sslpropertyex hostnameport=<name:port> | ipport=<ipaddr:port> | ccs=<port> 
	[propertyid=0 receivewindow=<bytes>] | [propertyid=1 maxsettingsperframe=<value> maxsettingsperminute=<value>]

Parameters: 
    Tag: Value 
    ipport: IP address and port for the binding. 
    hostnameport: Unicode hostname and port for binding. 
    ccs: Central Certificate Store binding. 
    propertyid: The below parameters are classified into different property ids. 
    receivewindow: bytes. Updates the http2 receive window size for http/2 connections. This 
          should be between 0xffff and 0x7fffffff (inclusive). Propertyid = 0.
    maxsettingsperframe: The maximum number of http2 settings allowed per settings frame. This value 
          should be less than or equal to 2796202 (per RFC). Propertyid = 1.
    maxsettingsperminute: The maximum number of http2 settings allowed per minute. This value 
          should not be less than 7 (the minimum settings we support). Propertyid = 1.
 
Remarks: updates an existing SSL server certificate binding parameters and corresponding client ce- 
          rtificate policies for an IP address or hostname and a port.     
 
Examples: 
 
 update sslpropertyex ipport=1.1.1.1:443 propertyid=0 receivewindow=1048576 
 update sslpropertyex hostnameport=www.contoso.com:443 propertyid=1 maxsettingsperframe=1024 maxsettingsperminute=1024 
 update sslpropertyex ccs=443 



- cn -/- de -/- en -









Windows-10


... Windows 10 FAQ
... Windows 10 How To


Windows 10 How To


... Windows 11 How To
... Windows 10 FAQ



HTTP: ... console/en/index.htm
0.156
7529
The Stop Watch and Countdown Timer for Windows 11, 10, ... all MS OS! Screensavers prevent under Windows 11, 10, 8.1, ...! The best alternative File Explorer for new Windows 11 and old Windows 10! Put the picture in the first position of the PDF, very easy! V-Ram test the quality of the Ram and the Virtual PC/CPU! Easy detect the Color Value RGB, HLS, .... like a Professional! The created file can not be compressed! USA football mouse tracks! Deactivate sorting for new objects in File Explorer! Windows BIN to ISO Converter Software for free 10, 8.1, 7.0 and MS Server Systems!



(0)