Usage: %1!s! ipport= certhash= appid= certstorename= verifyclientcertrevocation=]enable|disable verifyrevocationwithcach ...

Usage: %1!s! [ipport=] 
             [certhash=] 
             [appid=] 
             [[certstorename=] 
              [verifyclientcertrevocation=]enable|disable 
              [verifyrevocationwithcachedclientcertonly=]enable|disable 
              [usagecheck=]enable|disable 
              [revocationfreshnesstime=] 
              [urlretrievaltimeout=] 
              [sslctlidentifier=] 
              [sslctlstorename=] 
              [dsmapperusage=]enable|disable 
              [clientcertnegotiation=]enable|disable]       
 
Parameters: 
 
        Tag                       Value 

        ipport                  - IP address and port for the binding. 
        certhash                - The SHA hash of the certificate. This hash 
                                  is 20 bytes long and specified as a hex 
                                  string. 
        appid                   - GUID to identify the owning application. 
        certstorename           - Store name for the certificate. Defaults 
                                  to MY. Certificate must be stored in the 
                                  local machine context. 
        verifyclientcertrevocation - Turns on/off verification of revocation 
                                     of client certificates.                
        verifyrevocationwithcachedclientcertonly - Turns on/off usage of 
                                                   only cached client 
                                                   certificate for revocation checking. 
        usagecheck              - Turns on/off usage check. Default is enabled. 
        revocationfreshnesstime - Time interval to check for an updated 
                                  certificate revocation list (CRL). If this 
                                  value is 0, then the new CRL is updated    
                                  only if the previous one expires. (in 
                                  seconds) 
        urlretrievaltimeout     - Timeout on attempt to retrieve certificate 
                                  revocation list for the remote URL.        
                                  (in milliseconds)      
        sslctlidentifier        - List the certificate issuers that can 
                                  be trusted. This list can be a subset of 
                                  the certificate issuers that are trusted 
                                  by the machine. 
        sslctlstorename         - Store name under LOCAL_MACHINE where       
                                  SslCtlIdentifier is stored.                
        dsmapperusage           - Turns on/off DS mappers. Default is 
                                  disabled. 
        clientcertnegotiation   - Turns on/off negotiation of certificate. 
                                  Default is disabled. 
                                                                             
Remarks: adds a new SSL server certificate binding and corresponding client 
         certificate policies for an IP address and port. 

Examples:                                                                  
                                                                             
         %1!s! ipport=1.1.1.1:443 certhash=0102030405060708090A0B0C0D0E0F1011121314 appid={00112233-4455-6677-8899-AABBCCDDEEFF}