WinHttp Configuration for Windows Vista

In my previous posts, I described the new WinHttp proxy, tracing and client certificate configuration story for Windows Vista Beta2. The syntax of the netsh commands used to configure WinHttp proxy and tracing settings have changed for Vista RTM and this post describes the changes in command syntax since the beta.

WinHttp Netsh Context

From the previous posts you might be aware that in Windows Vista, the WinHttp proxy and tracing configuration tools, proxycfg.exe and winhttptracecfg.exe respectively, have been replaced with netsh commands. All the WinHttp related netsh commands live under the “winhttp” netsh context. To navigate to it, open an administrator command prompt and type “netsh” then “winhttp”:

C:\Windows\system32>netsh

netsh>winhttp

netsh winhttp>

You can type “?” in this context and display the list of available commands there. You can also type “?” at the end of any command to get a detailed description of the command syntax.

Displaying current settings and restoring the defaults

You can use the “show” netsh commands to display the current settings. “show proxy” will display the current proxy settings, while “show tracing” will display the current tracing settings. You can also use the “reset” netsh command to restore the default settings. “reset proxy” will set the WinHttp proxy settings to DIRECT, while “reset tracing” will disable the tracing.

Setting WinHttp proxy settings

Use the “set proxy” command to configure the proxy settings. You can type the command followed by a question mark to see the syntax:

netsh winhttp>set proxy /?

Usage: set proxy [proxy-server=]<server name> [bypass-list=]<hosts list>

Parameters:

  Tag              Value

  proxy-server   - proxy server for use for http and/or
                   https protocol

  bypass-list    - a list of sites that should be visited
                   bypassing the proxy (use "<local>" to
                   bypass all short name hosts)

Examples:

  set proxy myproxy

  set proxy myproxy:80 "<local>bar"

  set proxy proxy-server="http=myproxy;https=sproxy:88" bypass-list="*.foo.com"

Just follow the examples listed in the samples above to set your proxy settings.

Note that importing proxy settings from IE is now accomplished by the “import” command (importing from IE is the only available option there):

netsh winhttp>import proxy /?

Usage: import proxy [source=]ie

Parameters:

  Tag       Value

  source  - from where the setting is imported

Examples:

  import proxy source=ie

Setting WinHttp tracing settings

To set the WinHttp tracing settings, use the “set tracing” command from the netsh winhttp context:

netsh winhttp>set tracing /?

Usage: set tracing

      [output=]file|debugger|both

      [trace-file-prefix=]<string>

      [level=]default|verbose

      [format=]ansi|hex

      [max-trace-file-size=]<number>

      [state=]enabled|disabled

Parameters:

  Tag Value

  trace-file-prefix   - Prefix for the log file (can
                       include a path) specify "*" to
                       delete an existing prefix

  output              - Where the trace entries are
                        written/displayed to

  level               - How much information to log

  format              - Display format of network traffic
                        (hex or ansi)

  max-trace-file-size - Maximum size of the trace file (in
                        bytes)

  state               - Enables or disables winhttp tracing

Examples:

  set tracing trace-file-prefix="C:\Temp\Test3" level=verbose format=hex

  set tracing output=debugger max-trace-file-size=512000 state=enabled

Please note that you can use the “state” parameter to disable / enable the tracing. For example, “set tracing state=disabled” will disable the tracing.

Also, your process needs to have enough permissions to create the trace file, so it is recommended to specify a folder via the “trace-file-prefix” parameter that you know your process has write access to.

  -Nesho Neshev