Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Use SSL Certificate in ASP.NET Core 2.1 while Developing

Tags:

asp.net-core

asp.net-core-2.1

On an ASP.NET Core 2.1 I application appSettings file I have the following:

"Kestrel": {
  "Certificates": {
    "Default": {
      "Path": "localhost.pfx",
      "Password": "1234"
    }
  }
}

I created the certificate using the dotnet command:

dotnet dev-certs https -ep "localhost.pfx" -p 1234

And I copied the localhost.pfx file to the project root along the appSettings file.

When I run the project on http://localhost:5000 it is redirected to https://localhost:5001.

However, I receive the browser error saying the connection is not safe and asking me to add an exception.

What am I doing wrong?

like image 779
Miguel Moura Avatar asked Sep 13 '18 16:09

Miguel Moura

People also ask

What is SSL in asp net?

SSL provides authentication by using Public Key Infrastructure certificates. The server must provide a certificate that authenticates the server to the client.

Can ASP NET core work with the .NET framework?

In order to run ASP.NET Core Apps on the . NET Framework it needs to only reference . Core NuGet packages which contains only the . NET Standard 2.0 builds.

What is Hsts in asp net core?

Per OWASP, HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that's specified by a web app through the use of a response header. When a browser that supports HSTS receives this header: The browser stores configuration for the domain that prevents sending any communication over HTTP.

Is .NET Core 2.1 supported?

NET Core 2.1 and . NET Core 3.1 are long-term support versions, which means they're supported for 3 years after release. This is explained in the . NET Core Support Policy.

1 Answers

Short Answer

Include the --trust option. 

dotnet dev-certs https -ep "localhost.pfx" -p 1234 --trust

That creates a certificate that will work with these appsettings.json:

"Kestrel": {
  "Certificates": {
    "Default": {
      "Path": "localhost.pfx",
      "Password": "12345"
    }
  }
}

Notes

If you need to recreate the certificate, clean the certificate store first. 

dotnet dev-certs https --clean

The --trust option will work right away with Chrome; with Firefox, though, we will still need to add a security exception.

Using --trust means that we no longer need to add the "Kestrel" section to the appsettings.json file.

like image 73
Shaun Luttin Avatar answered Sep 22 '22 15:09

Shaun Luttin
Sign in to Comment

Related questions

ASP.NET Core RC2 Seed Database
Posting files and model to controller in ASP.NET Core MVC6
How do I remove Bower from a ASP.NET Core Web application?
AddJsonOptions not found in ASP.NET Core 2.0
What is limiting the port range for HTTPS in .NET Core 2.2?
Differences between AddSignalR and AddSignalRCore extension methods in aspnet core 2.1
IApplicationBuilder does not contain a definition for UseIdentity
Execute stored procedure in EF Core 3.0 vs 2.2
'Console' does not contain a definition for 'ReadKey' in asp.net 5 console App
Register Service at Runtime via DI?
EntityFramework Core - Copying an entity and placing it back into the database
Entity Framework Core still picks up old column
Remove http client logging handler in ASP.NET Core
How to run dockered ASP.net core app generated by Visual Studio 2019 on Linux? Problem with SSL configuration
How can I get the current route name with ASP.NET Core?
When should I use MultipleActiveResultSets=True when working with ASP.NET Core 3.0 and SQL Server 2019+?
How to make controllers scoped or singleton instead of transient in ASP.NET Core?
Failing to perform Cookie Authentication: SignInAsync and AuthenticateAsync not successful
How can I auto-increment an MVC 6 version number?
ASP.NET Core website on Azure fails to start with a 502.5 error after upgrade from .NET Core 1.1.1 to .NET Core 1.1.2

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!