Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

ASP.NET Core + IIS Express how to setup SSL Certificate

Tags:

c#

asp.net

ssl

asp.net-core

iis-express

We are running a web API with ASP.NET Core on IIS Express locally. We are using a custom domain name configured in the hosts-file.

This works fine, but we have to manually trust the site in Chrome every now and then, so we would like to set IIS Express up to use our SSL-certificate.

IIS Express is configured in launchSettings.json:

"iisExpress": {
  "applicationUrl": "http://applocal.ourdomain.com:5000",
  "sslPort": 44300
}

How can we configure IIS Express to use our SSL Certificate?

like image 306
severin Avatar asked Aug 11 '16 11:08

severin

2 Answers

Install the certificate on the machine, then run in cmd:

"C:\Program Files (x86)\IIS Express\IisExpressAdminCmd.exe" setupSslUrl -url:https://my.domain.name:<port> -CertHash:<Certificate thumbprint>
like image 113
severin Avatar answered Sep 24 '22 18:09

severin

First make a new certificate with the hostname replaced, ensure its made on the local machine.

Powershell: New-SelfSignedCertificate -NotBefore (Get-Date) -NotAfter (Get-Date).AddYears(1) -Subject "YOUR.DOMAIN.NAME" -KeyAlgorithm "RSA" -KeyLength 2048 -HashAlgorithm "SHA256" -CertStoreLocation "Cert:\LocalMachine\My" -KeyUsage KeyEncipherment -FriendlyName "HTTPS PROJECTNAME development certificate" -TextExtension @("2.5.29.19={critical}{text}","2.5.29.37={critical}{text}1.3.6.1.5.5.7.3.1","2.5.29.17={critical}{text}DNS=YOUR.DOMAIN.NAME")

Now we need to copy it into the trusted certificates for the local machine: open "mmc" Add snapin for the certificate manager for the local machine (not personal user) find the certificate and copy it over to "Trusted Root Certificate Authorities" mmc

Open up the certificate and copy the 'thumbprint' detail. enter image description here

Next you need to tell IIS to use this certificate. Open an admin cmd prompt and navigate to the IIS express folder at C:\Program Files (x86)\IIS Express then run:

IisExpressAdminCmd.exe setupSslUrl -url:https://YOUR.DOMAIN.NAME:PORTNUMBER -CertHash:THUMBPRINT

Thanks to: https://improveandrepeat.com/2020/05/how-to-change-the-https-certificate-in-iis-express/
https://www.sonicwall.com/support/knowledge-base/how-can-i-import-certificates-into-the-ms-windows-local-machine-certificate-store/170504615105398/
https://stackoverflow.com/a/38953547/1079267
https://devblogs.microsoft.com/aspnet/configuring-https-in-asp-net-core-across-different-platforms/

like image 29
Worthy7 Avatar answered Sep 20 '22 18:09

Worthy7
Sign in to Comment

Related questions

C# smtp.google.com could not be resolved
How do you get ClosedXML to use conditional formatting with formulas?
Trim not working on null characters
Get sum of each digit below n as long
Check if point is inside a circle
bool? compare with bool vs GetValueOrDefault vs ?? operator
Is returning a Task violating the CQS-principle?
Read values already printed to the console
Is there a way to set DateTime.ToString() format globally?
How to Write to a file using StreamWriter?
Get short claim type name
Call controller's action method from middleware
SignalR WebSocket handshake: Sec-WebSocket-Accept header is missing
Convert 12-hour format to 24-hour format in C#
The type or namespace MongoServer could not be found
c# call a method whenever another method ends?
Expression vs nameof
How to register Windows Forms with Simple Injector
Cannot implicitly convert 'System.TimeSpan?' to 'System.TimeSpan'
Error with SalesForce authentication from C# Client(s)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!