Using SSL on Windows
Using SSL with Watson on Windows requires that the certificate be installed in the Windows Certificate Manager MMC snap-in. It is easiest to use IIS to generate your CSR, and then once you have your certificate and private key, import the certificate and private key into the Computer Account certificate store.
Once the certificate has been imported, double click the certificate (from within MMC) and go to the 'Details' tab to retrieve the certificate thumbprint.
Copy this value and paste it into Notepad.
When copying from the Certificate Manager window into Notepad, there is often a special character, hidden from view, that is pasted into Notepad, that will cause you trouble. Be sure to delete the first character in Notepad, backspace to the beginning of the line, and re-type the first character. Remove all spaces in the thumbprint.
Next, you will need to use the netsh command to associate the certificate with the port upon which Watson is listening.
C:\> netsh http add sslcert ipport:192.168.1.10:443 certhash=thumbprint appid=00000000-0000-0000-0000-000000000000 certstore=My
Replace 192.168.1.10:443 with the IP and port you are using. The appid value is arbitrary and any GUID will do.
A helpful article on Stack Overflow related to this process can be found here: https://stackoverflow.com/questions/779228/the-parameter-is-incorrect-error-using-netsh-http-add-sslcert