A few weeks ago I had a PR merged with PowerShell Polaris to add HTTPS support. I thought it would be nice to share how to configure HTTPS with Polaris. PowerShell Polaris currently is using HTTPListener underneath the scenes. HTTPListener uses the kernel mode “http.sys” drivers from Windows. The SSL cert is actually bound to the port that HTTPListener will use. Currently, Linux’s port of HTTPListener does not support HTTPS. (Though, I believe there is an unsupported way to add the cert using reflection). I believe the easiest way to use HTTPS on a Linux machine, would be to proxy SSL with something like stunnel.

I created a script that generates a self-signed ssl cert, downloads the newest Polaris Release from GitHub, and starts Polaris. Your browser will not trust the cert by default. New-SelfSignedCertificate does not support adding certs to the CA Store in Windows. You can ignore the error, and add the cert by hand. I am using a trusted cert from ADCS when I am usually working with Polaris. I first was trying to use Add-NetIPHttpsCertBinding instead of netsh to add the binding. But, I kept getting a file not found error. I believe this is a bug since I tried this on several machines.

Complete Script

$AppID = "{" + $(New-Guid) + "}"
$HostName = 'localhost'
$Port = '443'

$ZipPath = 'C:\temp\master.zip'
$PolarisDownloadPath = 'C:\temp\PolarisDownload'
$PolarisPath = 'C:\temp\Polaris'


#Create Cert
$Cert = New-SelfSignedCertificate -DnsName $HostName -CertStoreLocation cert:\LocalMachine\MY
#Bind cert to port
Invoke-Expression -Command "netsh http add sslcert ipport=0.0.0.0:$($Port) certhash=$($Cert.Thumbprint) appid='$($AppID)' certstorename=MY"

#Download Newest Polaris Release
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Invoke-WebRequest -Uri "https://github.com/PowerShell/Polaris/archive/master.zip" -OutFile $ZipPath
Expand-Archive -Path $ZipPath -DestinationPath $PolarisDownloadPath
Move-item "$PolarisDownloadPath\Polaris-master" $PolarisPath


Import-Module $PolarisPath

New-PolarisGetRoute -Path "/HelloWorld" -Scriptblock {

    $Respone = "Hello World"

    $Response.Send($Respone);
}

Start-Polaris -Port $Port -Https