The underlying connection was closed. Cannot run Asp.Net core 2.1 web api application using HTTP.sys?

Question

I created a new Asp.net core 2.1 web application and then select "API" template. (I changed the Authentication to "Windows". Then I added the following code to use Http.Sys for Windows authentication. (https://docs.microsoft.com/en-us/aspnet/core/security/authentication/windowsauth?view=aspnetcore-2.1&tabs=aspnetcore2x)

using Microsoft.AspNetCore.Server.HttpSys; // Added

    public static void Main(string[] args)
    {
        CreateWebHostBuilder(args).Build().Run();
    }

    public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
        WebHost.CreateDefaultBuilder(args)
            .UseStartup<Startup>()
            // Added
            .UseHttpSys(o => 
            {
                o.Authentication.Schemes = AuthenticationSchemes.NTLM | 
                                           AuthenticationSchemes.Negotiate;
                o.Authentication.AllowAnonymous = false;
            });

The following message shows the output message when running the application.

info: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[0]
      User profile is available. Using 'C:\Users\...\AppData\Local\ASP.NET\Da
taProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
info: Microsoft.AspNetCore.Server.HttpSys.HttpSysListener[0]
      Start
info: Microsoft.AspNetCore.Server.HttpSys.HttpSysListener[0]
      Listening on prefix: https://localhost:5001/
info: Microsoft.AspNetCore.Server.HttpSys.HttpSysListener[0]
      Listening on prefix: http://localhost:5000/
Hosting environment: Development
Content root path: C:\work\WebApplication1
Now listening on: https://localhost:5001
Now listening on: http://localhost:5000
Application started. Press Ctrl+C to shut down.

However, the browser shows error of "This site can't be reached (The connection was reset)" when access https://localhost:5001/api/values?

Tested with powershell

PS C:\work> Invoke-WebRequest https://localhost:5001/api/values
Invoke-WebRequest : The underlying connection was closed: An unexpected error occurred on a send.
At line:1 char:1
+ Invoke-WebRequest https://localhost:5001/api/values
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

PS C:\work> Invoke-WebRequest http://localhost:5000/api/values
Invoke-WebRequest : The remote server returned an error: (401) Unauthorized.
At line:1 char:1
+ Invoke-WebRequest http://localhost:5000/api/values
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

---

The following message is returned by Fiddler.

fiddler.network.https> HTTPS handshake to localhost (for #3) failed. System.IO.IOException Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. < An existing connection was forcibly closed by the remote host

The Internet Explorer returns the following message.

Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://localhost:5001 again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4 (link for the details), which is not considered secure. Please contact your site administrator.

Answer 1

For me I had to comment out the app.UseHttpsRedirection() line in the Configure(..) method of the Startup class and use http://localhost:5000.

            // app.UseHttpsRedirection();

I imagine that if I want to use https I would have to follow @Bhavik Patel advice and intsall a self-signed certificate.