Hosted Cache Server Setup

Only a Windows Server 2008 R2 computer can be configured as a Hosted Cache server. An existing application server in the branch office can be a Hosted Cache server if it is upgraded to Windows Server 2008 R2.

The Hosted Cache is trusted by client computers to cache and distribute data that may be under access control. For this reason, client computers use transport layer security (TLS) when communicating with the Hosted Cache server. To support authentication, the Hosted Cache server must be provisioned with a certificate that is trusted by clients and is suitable for server authentication.

Take the following steps to configure a Windows Server 2008 R2 computer to be a Hosted Cache server:

1. Install the BranchCache feature.

2. Enable the BranchCache feature and enable Hosted Cache server mode.

3. Deploy a certificate to the Hosted Cache that will be trusted by client computers. It may be necessary to distribute this certificate to client computers if it does not chain to a root certificate that is already trusted. Link the certificate to BranchCache.

4. Resize the cache on the Hosted Cache server.

5. Configure client computers to use the Hosted Cache.

Install the BranchCache feature

To install the BranchCache feature

1. Click Start, point to Administrative Tools, and then click Server Manager.

2. Right-click Features, and then click Add Features.

3. In the Add Features Wizard, select BranchCache, and then click Next.

   

4. In the Confirm Installation Selections dialog box, click Install.

5. In the Installation Results dialog box, confirm that BranchCache installed successfully, and then click Close.

Enable the BranchCache feature and enable Hosted Cache mode

For detailed instructions, see To enable BranchCache in Hosted Cache mode earlier in this document.

Deploy a certificate

The Hosted Cache server must be equipped with a certificate that is trusted by the client computers in the branch offices. For information about Windows Server certificate deployment, see Server Certificate Deployment Overview.

Import the certificate

The certificate must be added to the certificate store under the local computer account. If the certificate is added to the certificate store belonging to an administrator, or another user on the system, you will be unable to link the certificate to BranchCache, and clients will not be able to connect to the Hosted Cache server.

To import the certificate

1. Open the Microsoft Management Console (click Start, click Run, type mmc, and then click OK).

2. From the File menu, select Add/remove snap-in.

3. Select the Certificates snap-in, in the Available snap-ins list, and then click Add.

4. Select Computer Account from the list, and then click Next.

5. Select Local Computer from the list, click Finish, and then click OK to complete the snap-in addition process.

6. Expand the Certificates (Local Computer) > Personal > Certificates tab.

7. From the Action menu, select All Tasks > Import to start the Certificate Import Wizard. Follow the steps in the wizard to import your certificate according to the file type. The imported certificate appears in the right pane of the MMC.

8. Double-click the certificate to view its properties.

9. In the Details pane, select the Thumbprint field.

10. Copy the Thumbprint value to the clipboard or write it down. You will use it later when linking the certificate to BranchCache.

    

Link the certificate to BranchCache

After the import process has completed, you must link your new certificate to the BranchCache service on the Hosted Cache server.

To link the certificate to BranchCache

1. Open an elevated Command Prompt (click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator).

2. Type the command: NETSH HTTP ADD SSLCERT IPPORT=0.0.0.0:443 CERTHASH=<thumbprint> APPID={d673f5ee-a714-454d-8de2-492e4c1bd8f8} where <thumbprint> is thse value that you copied during the Import the certificate procedure earlier in this document. Be sure to remove the spaces in the <thumbprint> entry.

   

Resize the cache on the Hosted Cache server

By default, BranchCache allocates 5% of the active partition on the Hosted Cache server. Use the netsh set cachesize command to change this value.

Modify the Hosted Cache Server Ports

The Hosted Cache accepts connections from BranchCache clients on two ports. TCP Port 80 is used to accept connections from clients that are seeking to download cached data using the BranchCache retrieval protocol. Port 443 is used to accept connections from clients that are seeking to upload data to the Hosted Cache using the Hosted Cache protocol. You can change these ports on the Hosted Cache server by using the registry. If you do so, you must update all your BranchCache client computers to use the new ports.

Modifying the Retrieval Protocol Port (TCP Port 80)

To update the retrieval port, you must modify the registry on the Hosted Cache server, then modify the registry on each client that is configured to use this Hosted Cache. The following example demonstrates the use of the reg command to update registry keys. Alternative mechanisms can be used to update the registry.

To update the Hosted Cache server

1. Open an elevated Command Prompt window (click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator).

2. Type the command: netsh branchcache set service hostedserver.

3. Type the command: net stop peerdistsvc.

4. Type the command: net start peerdistsvc.

To update the Hosted Cache client

1. Open an elevated Command Prompt window (click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator).

2. Type the command:  REG ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\PeerDist\DownloadManager\Peers\Connection" /v ConnectPort /t REG_DWORD /d <connectport> /f where <connectport> is the new port on which the Hosted Cache server is accepting retrieval protocol connections.

3. Type the command: netsh branchcache set service hostedclient location=<hostedcache> Where <hostedcache> is the fully qualified domain name of the Hosted Cache server.

4. Type the command: net stop peerdistsvc.

   Type the command: net start peerdistsvc.

Modifying the Hosted Cache Protocol Port (TCP Port 443)

To update the Hosted Cache protocol port, you must modify the registry on the Hosted Cache server, then modify the registry on each client that is configured to use this Hosted Cache. The following example demonstrates the use of the reg command to update registry keys. Alternative mechanisms can be used to update the registry.

To update the Hosted Cache server

1. Open an elevated Command Prompt window (click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator).

2. Type the command:  REG ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\PeerDist\HostedCache\Connection" /v ListenPort /t REG_DWORD /d <listenport> /f where <listenport> is the new port on which the Hosted Cache server should accept retrieval protocol connections.

3. Type the command: netsh branchcache set service hostedserver.

4. Type the command: net stop peerdistsvc.

5. Type the command: net start peerdistsvc.

To update the Hosted Cache client

1. Open an elevated Command Prompt window (click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator).

2. Type the command: netsh branchcache set service hostedclient location=<hostedcache> where <hostedcache> is the fully qualified domain name of the Hosted Cache server.

3. Type the command: net stop peerdistsvc.

4. Type the command: net start peerdistsvc.