IIS Express defaulting to port 44300 for HTTPS when enabling SSL

Question

When you initially set up IIS Express to enable SSL, it defaults the port to 44300. Unfortunately, when I try to access my site in on https://localhost/ it doesn't work unless I use the port number 44300 - https://localhost:44300/.

The links are generated using the following:

<%= Html.ActionLink("Index", "Index", "Home", new { @action = "https://" + Request.Hostname + Url.Action("Index", "Home") }) %> 

Although an ugly solution, the @action keyword can override the generated route, but it means that the application would seemingly need to be aware of any non-standard ports (eg 44300).

The problem with that is that I'd be writing something to solve a problem that would only occur in a development environment.

So my question is... How do I change the port to 443 and have IIS Express like it?

Config for my site is below:

<site name="MySite" id="2" serverAutoStart="true">   <application path="/">     <virtualDirectory path="/" physicalPath="C:\Inetpub\MySite" />   </application>   <bindings>     <binding protocol="http" bindingInformation=":80:" />     <binding protocol="https" bindingInformation=":44300:" />   </bindings> </site> 

Many thanks in advance.

Update:

This question has been answered by Divya over on the IIS forums.

Answer 1

This question has been answered by Divya over on the IIS forums.

Once you enable SSL for a website in WebMatrix, it defaults to port 44300 and does all the bindings in the background. I am hoping that you tried to change this port to 443 in the config file. Once that is done and saved, you also need to modify the binding in http.sys. You would need to delete the existing entry for port 44300 and add the entry for port 443. To do this, you could use httpcfg (WinXp/Win2003) or 'netsh http' (WinVista/Win2K8/Win7). Here are the commands for netsh:

1) Get the appid and certhash for the existing entry of 44300 (I assume, you are going to use the same certificate which WebMatrix installs by default. If you want to change the certificate as well, get the certificate hash of the certificate from the certificate store): netsh http show sslcert. In the output search for entry for port 44300 and copy certhash and appID.

2) Delete the entry for 44300: netsh http delete sslcert ipport=0.0.0.0:44300

3) Add a new entry for port 443 with certhash and appID copied in step 1. netsh http add sslcert ipport=0.0.0.0:443 certhash=<certhash> appid=<appid>

After configuring the entry in http.sys, you need to restart http service for the changes to take effect.

net stop http

net start http

As noted by others, there are several nice ways of getting your SSL certs.

netsh http show sslcert > output.txt 

or (my preferred method):

netsh http show sslcert | clip 

Answer 2

Since I have spent much time on this topic , I would like to share my finding. I am reposting segment from my other post minus the code. Some background and explanation:

==========================================

After researching aroud, I was able to solve this issue with IIS Express and an override of the Controller class's OnAuthorization method (Ref#1). I have also gone with the route recommended by Hanselman (Ref#2). However, I was not complete satisfied with these two solutions due to two reasons:

1. Ref#1's OnAuthorization only works at the action level, not at the controller class level
2. Ref#2 requires a lot of setup (Win7 SDK for makecert), netsh commands, and, in order to use port 80 and port 443, I need to launch VS2010 as administrator, which I frown upon.

So, I came up with this solution that is quite simplistic with the following conditions:

1. I want to be able to use the RequireHttps attribute at Controller class or action level

2. I want MVC to use HTTPS when the RequireHttps attribute is present, and use HTTP if it is absent

3. I do not want to have to run Visual Studio as administrator

4. I want to be able to use any HTTP and HTTPS ports that are assigned by IIS Express

5. I can reuse the self-signed SSL cert of IIS Express, and I do not care if I see the invalid SSL Prompt

=========================================

You can find my solution/code here ==> ASP.NET MVC RequireHttps in Production Only