I am working through Adam Freeman's book "Pro ASP.Net Core 3". I have gotten to the introduction to https. He instructs us to use Powershell and run these commands in this order
dotnet dev-certs https --clean
dotnet dev-certs https --trust
When I run the clean
command, I get a message saying
"HTTPS development certificates successfully removed from the machine."
But when I run the trust command, I get:
"A valid HTTPS certificate with a key accessible across security partitions was not found. The following command will run to fix it: 'sudo security set-key-partition-list -D localhost -S unsigned:,teamid:UBF8T346G9' This command will make the certificate key accessible across security partitions and might prompt you for your password. For more information see: https://aka.ms/aspnetcore/2.1/troubleshootcertissues
A valid HTTPS certificate with a key accessible across security partitions was not found. The following command will run to fix it: 'sudo security set-key-partition-list -D localhost -S unsigned:,teamid:UBF8T346G9' This command will make the certificate key accessible across security partitions and might prompt you for your password. For more information see: https://aka.ms/aspnetcore/3.1/troubleshootcertissues
Trusting the HTTPS development certificate was requested. A confirmation prompt will be displayed if the certificate was not previously trusted. Click yes on the prompt to trust the certificate. There was an error trusting HTTPS developer certificate."
I tried
dotnet dev-certs https
results in "A valid HTTPS certificate is already present."dotnet --version
gives me 3.1.200.What do I have to do to get the certificate to work?
The dotnet dev-certs command manages a self-signed certificate to enable HTTPS use in local web app development. Its main functions are: Generating a certificate for use with HTTPS endpoints during development. Trusting the generated certificate on the local machine.
To configure an HTTPS server, the ssl parameter must be enabled on listening sockets in the server block, and the locations of the server certificate and private key files should be specified: server { listen 443 ssl; server_name www.example.com; ssl_certificate www. example.com.
Ok...I found a MAC super hint at the github link below.
(It ~might translate to the PC side...but I cannot test that)
https://github.com/dotnet/sdk/issues/10422
Encountered the same issue on macOS. As a solution, in the keychain, remove the old localhost certificate under 'System' and recreate it via the dotnet commands described in the docs. It will be placed under 'login'.
So to better describe the above quote, I've added a screen shot here (image below with the magenta/fuchsia/pinkish circles), to provide a "here is where it is on the Mac".....of what the text above describes..
So my steps were:
dotnet dev-certs https --clean
dotnet dev-certs https --check
// (DO THE MANUAL keychain-old-localhost removal NOW (image below)
// (before running the below terminal commands)
dotnet dev-certs https --check
dotnet dev-certs https
dotnet dev-certs https --trust
What do I have to do to get the certificate to work?
For some reason, dotnet CLI might throw exception while we use dotnet dev-certs https --trust
command to trust the HTTPS development certificate.
As a workaround, we can try following steps to manually trust the certificate.
Run dotnet dev-certs https
command to generate a HTTPS certificate (if you do not generate it)
Copy the certificate with the ASP.NET Core HTTPS development certificate friendly name by copying from Current User > Personal > Certificates into Current User > Trusted root certification authorities > Certificates within the certificate manager UI, like below.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With