Enable SSL in Visual Studio

c# .net visual-studio ssl
92,834

Solution 1

I see this EXACT problem from time to time, when using SSL, and have found that (especially when working on someone else's project in a team environment) the Visual Studio project web settings (SSL ports) sometimes get messed up. Here's what I do to fix them:

  • In Solution Explorer, click your project.
  • Hit the F4 key (view properties).
  • Copy the URL (NOT the SSL URL).
  • Paste the URL into the Project Url on the Web Tab, Save.
  • In Solution Explorer, click your project.
  • Hit the F4 key (view properties).
  • Change SSL Enabled to false.
  • Change it back to true. There should be a new SSL URL. Copy it.
  • Paste the new SSL URL into Project URL on Web tab. Click Create Virtual Directory.
  • Click Override application root URL, and paste in SSL URL. Save.

This always solves the issue for me.

Solution 2

Say you have a .NET MVC or Web API project and you’d like to run it on SSL. In other words you’d like to start up the project on a URL similar to https://localhost:xxxx. The first step is easy. You just select the MVC/Web API project name in the solution and locate the property called “SSL Enabled” in properties window:

Enable SSL in Visual Studio properties window

The same properties window will also show the HTTPS url for the application. In the above example it’s https://localhost:44300/. Copy that URL and go to the project properties window. Locate the Web tab and override the Project Url property with the https address:

Override project url to https

Start the application. You’ll likely get a message in the browser saying that the localhost address is not trusted, you can continue to the website at your own risk. Here’s a Chrome example in Swedish:

Localhost is not trusted

The problem is that the certificate that was installed automatically for you by Visual Studio is not trusted. You can locate the certificate in the Personal folder of the computer-level certificates in the certificates snap-in:

localhost certificate in certificates snap-in

If you double-click the certificate you’ll see that it’s not trusted:

localhost certificate is not included among trusted certificates

The message also provides the solution: the certificate must be imported into the trusted root certification authorities folder. You’ll see that as a folder in the same snap-in just below “Personal”. So how can we do that?

EXPORT

  • Right-click the certificate
  • Select All Tasks
  • Export… from the context menu.
  • Click Next on the certificate export wizard.
  • Leave the “Do not export the private key” option untouched, click Next.
  • Accept the default on the next screen, i.e. “DER encoded binary X.509” should stay selected, then click Next.
  • Provide a name and a location for the exported file. Call it “localhost” and save it in a location where you can easily find it.
  • Click Next and the Finish.

There should be a popup message saying that the export was successful.

IMPORT

  • Next right-click the folder called Trusted Root Certification Authorities and select All Tasks
  • Import… from the context menu.
  • Leave the “Local Machine” option untouched in the certificate import wizard, click Next.
  • Browse to the certificate you saved just before.
  • Click Next and accept all the default values along the way until you reach the end of the wizard.

There should be a message saying that the import was successful.

If you now go back to the Personal store and double-click the localhost certificate then you should see that it’s trusted:

localhost certificate is now trusted

OK, let’s start the .NET web project again, the opening page should open without any warning. If you still see the same issue then test it a brand new browser session, e.g. here in IE:

localhost is loaded in browser without issue

You can also view the extracted certificate from the browser window. Here’s an example from IE:

Certificate details from internet explorer

Solution 3

@MattW I am using Mac and was facing this issue. I am using Visual Studio 2019 for Mac on macOS Catalina. I opened the "Project Options" for my project and changed "HTTP" to "HTTPS" in "App URL" under Default Run Configuration for ASP.NET Core

Screenshot: Project Options in VS 2019 for mac

I already had a self-signed certificate for localhost, so Visual Studio gave me a message box asking me to use that Development certificate from Keychain. It asked for my password and used the certificate. The application worked without any issue on "HTTPS"

Screenshot: Development certificate found message

In case you do not have the development certificate you can generate one, using the following command in your Mac:

dotnet dev-certs https --clean
dotnet dev-certs https --trust

Read more at https://docs.microsoft.com/en-us/aspnet/core/security/enforcing-ssl?view=aspnetcore-3.1&tabs=netcore-cli

Solution 4

If you have a Web Site project, with the globe icon in Solution Explorer, enabling SSL goes a little different from a Web App project, with the globe in a rectangle, to which the other answers apply.

The Web Site project does not have the Web Tab. Instead, copy the SSL URL from the project properties (F4) to the Start Url in the project property pages (Shift F4). This step is optional, but if you don't do it, you will have to type the SSL port number manually in your browser.

Besides, for any type of web project, it does not really matter which port number you enter in Properties. The simplest is to accept the number filled in as default by VisualStudio, but another free port number will work just as well.

Of course, you will work with a self-signed certificate, i.e. signed by VS. So the browser might complain about this, and in order to debug your project with SSL, you will have to accept an exception in the browser.

Share:
92,834

Related videos on Youtube

w0051977
Author by

w0051977

Updated on August 12, 2021

Comments

  • w0051977
    w0051977 almost 3 years

    I have enabled SSL in Visual Studio as shown below:

    enter image description here

    I have also set the below:

    enter image description here

    When I access the website via IE (via Visual Studio debugging) I see this:

    enter image description here

    When I access the website via Firefox (via Visual Studio debugging) I see this:

    enter image description here

    There is no option to progress to the website in either Firefox or IE. I have spent all day trying to understand what is wrong. What am I doing wrong?

    • pwas
      pwas almost 8 years
      Do you have certificate? I suppose you use self-signed ssl certificate (not trusted) so browser prevents you to open page. When you click "Learn more" you should be able to open page despite unsecure certificate.
    • w0051977
      w0051977 almost 8 years
      @nopeflow, Learn more takes me to a Mozilla troubleshooting webpage.
    • pwas
      pwas almost 8 years
      Ah I see, so something else is wrong.
    • w0051977
      w0051977 almost 8 years
      @nopeflow, how do you configure the certificate in Visual Studio?
    • w0051977
      w0051977 almost 8 years
      @nopeflow, any ideas what this is?
    • Oleg
      Oleg almost 8 years
      Look at here
    • w0051977
      w0051977 almost 8 years
      @Oleg, thanks but unfortunately the warning in screenshot six does not happen. I get the annoying and useless warnings in my OP. I cannot believe how difficult this is.
    • Oleg
      Oleg almost 8 years
      @w0051977: Do you created self-signed SSL certificate or get free SSL certificate from letsencrypt for example (see here for example)? Do you configured IIS Express to use the certificate? Wich version of Visual Studio you use?
    • w0051977
      w0051977 almost 8 years
      @Oleg, how do I do this? There is no user interface for IIS Express. I can create a self signed certificate in IIS (full version) and bind it to a website. Is there a way to do this in IIS Express?
    • Oleg
      Oleg almost 8 years
      @w0051977: Look at %USERPROFILE%\Documents\IISExpress\config\applicationHost.co‌​nfig. One can edit the configuration manually. Moreover there are exist "%ProgramFiles%\IIS Express\IisExpressAdminCmd.exe" described in the article, which I posted you originally (see "APPENDIX Z"). The utility simplify some steps of the SSL configuration.
    • Ravi A.
      Ravi A. almost 8 years
      Did you try browsing as localhost:44314. It's not recommended to test SSL with IP as certificates are bound to domain(s) name.
    • w0051977
      w0051977 almost 8 years
      @Ravi A, yes I did. If I specify localhost then IE searches Goo9gle for the word localhost when I run the app in Visual Studio, which is really annoying. I have no idea what is wrong.
    • Ravi A.
      Ravi A. almost 8 years
      Try typing it completely - h ttps://localhost:44314 . (remove the space to avoid SO formatting)
    • w0051977
      w0051977 almost 8 years
      @Ravi A, I did. It searches Google for the word: localhost.
    • Ravi A.
      Ravi A. almost 8 years
      Can you try this for the search problem stackoverflow.com/questions/10764008/…
    • w0051977
      w0051977 almost 8 years
      @Oleg, when I get to the stage of: "Take the hash and plug it in to the end of THIS command:" the batch statement runs constantly as if it is in a continuous and infinite loop. I cannot believe how difficult this is. I thought it would be a fifteen minute job this morning. Sixteen hours so far.
    • Oleg
      Oleg almost 8 years
      @w0051977: Do you mean that netsh http add sslcert ipport=0.0.0.0:443 appid={214124cd-d05b-4309-9af9-9caa44b2b74a} certhash=YOURCERTHASHHERE works long lime? The IisExpressAdminCmd.exe Utility should do the same and you even don't need to search for certhash. About sixteen hours: sorry, but I'm not an author of IIS Express. Some things are really not so easy. Good SSL configuration take time. Is your computer has public DNS name (do you use Dynamic DNS providers for example) and web site available from the internet (TCP ports 80 and 443 are opened)? You can get public SSL certificate.
    • w0051977
      w0051977 almost 8 years
      Can anyone else help please? I have tried following the long, convoluted post that Oleg posted but that has not helped.
    • w0051977
      w0051977 almost 8 years
      I have also tried this post: codeproject.com/Tips/766918/…. I am not prompted with the message: "would you like to trust the IIS Express SSL Certificate" and no certificate appears in the certificate store after enabling SSL. Please help.
    • Ravi A.
      Ravi A. almost 8 years
      If you are okay to start from scratch you can try this hanselman.com/blog/…
    • Lex Li
      Lex Li over 7 years
      Usually it means the default certificate bindings set by IIS Express installer has failed, and you should remove and reinstall IIS Express via Programs panel.
  • Matt W
    Matt W over 7 years
    Do you know how to do this in Visual Studio for Mac (Xamarin)?
  • Chris Surfleet
    Chris Surfleet about 7 years
    I get to the point after adding the https address into the properties window, then when I run I just get 502s back...
  • Ahmad Hamdy
    Ahmad Hamdy about 7 years
    Sorry @MattW I don't know how to do it on MAC
  • Brad Irby
    Brad Irby over 5 years
    This worked for me, but note that the Properties window is not the one you get when right-clicking the project and choosing "Properties". You need a different properties window. I've not been able to find a way to open it when the project is selected, but if you right click any other file and choose properties you open the correct window. Then navigating back to the project will update that properties window to show you the SSL settings.
  • Mosia Thabo
    Mosia Thabo over 4 years
    Thank you man. This solved my issue, after 1 hour of hustling with VS.
  • Richard Dias
    Richard Dias over 4 years
    Thank you. You have helped me to avoid struggle with this.
  • fballer87
    fballer87 over 3 years
    what if I am getting the error that localhost is not trusted but the certificate is valid?
  • Ricky
    Ricky about 3 years
    HOURS of troubleshooting solved by this. Thank you!
  • Craig
    Craig almost 3 years
    Since modern browsers FORCE an SSL requirement and IE is being buried, this is invaluable information. Thank you so so much - this buys me some time to upgrade some legacy applications.
  • alfoks
    alfoks over 2 years
    @BradIrby and anyone who will need it, just press F4 when project is selected
  • Jamie
    Jamie over 2 years
    Still applies in 2021 as I work on legacy web apps to enable ADFS authentication! Thanks

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Visual Studio Project Backup
How do I find all namespaces in my Visual Studio solution?
SSL and Outdated TLS(1.0 and 1.1) for Web Service client application on .Net 3.5
Assembly cache problem in Visual Studio
Aspx Views in Mvc 5
.Net SslStream with Client Certificate
Connecting to FTPS (FTP over SSL) with FluentFTP
No Colours in Specflow Feature Files on Visual Studio
How can I decompile a batch of .NET DLLs into a Visual Studio project
Give Hex color code as a gridview background color