I'm trying to execute a netsh command using System.Process passing an argument and I'm getting a "The parameter is incorrect." return.

The parameter informed is:

http add sslcert ipport=0.0.0.0:{port} certhash=‎‎{certificateHash} appid='{{00000000-0000-0000-0000-AABBCCDDEEFF}}';

Where port is the port selected and certificateHash the hash of the certificate specified.

I realized that the return of the command has additional hidden characters (??) for the parameter certhash as this example:

C:\Windows\system32>netsh http add sslcert ipport=0.0.0.0:8787 certhash=??BDBCA9543D50108B6F43AA44852CD1D0F4C07B7C appid='{00000000-0000-0000-0000-AABBCCDDEEFF}'
The parameter is incorrect.

Is there a way to force the string in the argument to be exactly the one I'm passing? Am I missing some conversion?

Here's the code I'm using:

public static void RegisterCertificateToSslPort(string subjectName)
{
        var store = new X509Store(StoreName.Root, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);

        var certificate = store.Certificates.Find(X509FindType.FindBySubjectName, subjectName, true);

        var certificateHash = CleanThumbprint(certificate[0]?.GetCertHashString());

        var result = CommandExecuter.AddSslCertificateToPort(certificateHash, "8787");
}


public static string CleanThumbprint(string mmcThumbprint)
{
        return new string(mmcThumbprint.Where(c => char.IsLetter(c) || char.IsDigit(c)).ToArray());
}

private static string Execute(string command)
{
        var startInfo =
            new System.Diagnostics.ProcessStartInfo
            {
                WindowStyle = System.Diagnostics.ProcessWindowStyle.Hidden,
                FileName = "cmd.exe",
                Verb = "runas",
                UseShellExecute = false,
                RedirectStandardInput = true,
                RedirectStandardOutput = true,
                WorkingDirectory = @"C:\Windows\system32"
            };

        var standardOutput = new StringBuilder();

        using (var process = System.Diagnostics.Process.Start(startInfo))
        {
            using (var sw = process?.StandardInput)
            {
                if (sw != null && sw.BaseStream.CanWrite)
                {
                    sw.WriteLine(command);
                }
            }

            while (process != null && !process.HasExited)
            {
                standardOutput.Append(process.StandardOutput.ReadToEnd());
            }

            standardOutput.Append(process?.StandardOutput.ReadToEnd());
        }

        return standardOutput.ToString();
}

public static string AddSslCertificateToPort(string certificateHash, string port, string appId = null)
{
        var command =
            $"netsh http add sslcert ipport=0.0.0.0:{port} certhash=‎‎{certificateHash} appid='{{00000000-0000-0000-0000-AABBCCDDEEFF}}'";

        return Execute(command);
}
geanito

1 Answer

So after beating my head for some time, I tried checking my strings again. What happened was that, at first, I pasted the command into Notepad++ and made the necessary changes:

netsh http add sslcert ipport=0.0.0.0:{port} certhash=‎‎{certificateHash} appid='{{00000000-0000-0000-0000-AABBCCDDEEFF}}

For some strange reason it added the two hidden characters to the end of certhash=, and they weren't cleaned or found by my method to extract just strings and numbers.

After using the regular notepad and the option "Show Unicode Characters", the hidden characters were displayed. With them removed, I was able to just paste the right string again and then run the code successfully.

geanito
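The failure in this thread came from invisible characters in the pasted command template, which a filter applied only to the thumbprint never sees. The following is an added example, not code from either post, that checks the whole netsh argument string before it is executed and reports the code point of anything outside printable ASCII. The class and method names are hypothetical, and because the thread does not say which code points were involved, the sample input uses U+200E as a constructed stand-in.

```csharp
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Text.RegularExpressions;

public static class NetshArgumentCheck // hypothetical helper, not from the thread
{
    // A SHA-1 certificate thumbprint is exactly 40 hexadecimal digits.
    private static readonly Regex Sha1Thumbprint = new Regex(@"^[0-9A-Fa-f]{40}\z");

    // Describes every character outside printable ASCII (0x20-0x7E), with its index.
    public static List<string> FindSuspectCharacters(string text)
    {
        var findings = new List<string>();
        for (var i = 0; i < text.Length; i++)
        {
            var c = text[i];
            if (c < 0x20 || c > 0x7E)
                findings.Add($"index {i}: U+{(int)c:X4} ({CharUnicodeInfo.GetUnicodeCategory(c)})");
        }
        return findings;
    }

    // Builds the argument string and refuses to return it if anything hidden slipped in.
    public static string BuildAddSslCertArguments(string thumbprint, int port, Guid appId)
    {
        if (!Sha1Thumbprint.IsMatch(thumbprint))
            throw new ArgumentException("Thumbprint must be 40 hex digits.", nameof(thumbprint));
        if (port < 1 || port > 65535)
            throw new ArgumentOutOfRangeException(nameof(port));
        var arguments = $"http add sslcert ipport=0.0.0.0:{port} certhash={thumbprint} appid={appId:B}";
        var suspects = FindSuspectCharacters(arguments); // covers the template text as well
        if (suspects.Count > 0)
            throw new InvalidOperationException("Hidden characters: " + string.Join("; ", suspects));
        return arguments;
    }

    public static void Main()
    {
        // Constructed sample: the thread's command with two U+200E marks after "certhash=".
        var pasted = "http add sslcert ipport=0.0.0.0:8787 certhash=\u200E\u200EBDBCA9543D50108B6F43AA44852CD1D0F4C07B7C";
        foreach (var finding in FindSuspectCharacters(pasted))
            Console.WriteLine(finding);

        Console.WriteLine(BuildAddSslCertArguments(
            "BDBCA9543D50108B6F43AA44852CD1D0F4C07B7C", 8787,
            Guid.Parse("00000000-0000-0000-0000-AABBCCDDEEFF")));
    }
}
```

The returned string is meant to be passed as `Arguments` with `FileName = "netsh.exe"`, so the text is not re-interpreted by `cmd.exe` on the way.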