Exporting https certificate fails with 'dotnet dev-certs' tool

Question

I am trying to use the 'dotnet dev-certs' tool to export an https certificate to include with a Docker image. Right now I am using:

dotnet dev-certs https -v -ep $(HOME)\.aspnet\https -p <password>

and I get the error:

Exporting the certificate including the private key.
Writing exported certificate to path 'xxx\.aspnet\https'.
Failed writing the certificate to the target path
Exception message: Access to the path 'xxx\.aspnet\https' is denied.
An error ocurred exporting the certificate.
Exception message: Access to the path 'xxx\.aspnet\https' is denied.
There was an error exporting HTTPS developer certificate to a file.

The problem I see is that no matter what path I supply to export the certificate to I get the same 'Access to the path is denied' error. What am I missing? I know this command has been suggested in numerous places. But I cannot seem to get it to work.

Thank you.

Answer 1

The export path should specify a file, not a directory. This fixed the issue for me on Mac:

dotnet dev-certs https -v -ep ${HOME}/.aspnet/https/aspnetapp.pfx -p <password>

Answer 2

For Ubuntu users:

1. install libnss3-tools:

   sudo apt-get update -y

   sudo apt-get install -y libnss3-tools

2. create or verify if the folder below exists on machine:

   $HOME/.pki/nssdb

3. export the certificate:

   dotnet dev-certs https -v -ep ${HOME}/.aspnet/https/aspnetapp.pfx

4. Run the following commands:

   certutil -d sql:$HOME/.pki/nssdb -A -t "P,," -n localhost -i /home/<REPLACE_WITH_YOUR_USER>/.aspnet/https/aspnetapp.pfx

   certutil -d sql:$HOME/.pki/nssdb -A -t "C,," -n localhost -i /home/<REPLACE_WITH_YOUR_USER>/.aspnet/https/aspnetapp.pfx

5. exit and restart the browser

Source: https://docs.microsoft.com/en-us/aspnet/core/security/enforcing-ssl?view=aspnetcore-5.0&tabs=visual-studio#ssl-linux