Enable SSL in Visual Studio

Question

I have enabled SSL in Visual Studio as shown below:

I have also set the below:

When I access the website via IE (via Visual Studio debuggin

Answer 1

Say you have a .NET MVC or Web API project and you’d like to run it on SSL. In other words you’d like to start up the project on a URL similar to https://localhost:xxxx. The first step is easy. You just select the MVC/Web API project name in the solution and locate the property called “SSL Enabled” in properties window:

The same properties window will also show the HTTPS url for the application. In the above example it’s https://localhost:44300/. Copy that URL and go to the project properties window. Locate the Web tab and override the Project Url property with the https address:

Start the application. You’ll likely get a message in the browser saying that the localhost address is not trusted, you can continue to the website at your own risk. Here’s a Chrome example in Swedish:

The problem is that the certificate that was installed automatically for you by Visual Studio is not trusted. You can locate the certificate in the Personal folder of the computer-level certificates in the certificates snap-in:

If you double-click the certificate you’ll see that it’s not trusted:

The message also provides the solution: the certificate must be imported into the trusted root certification authorities folder. You’ll see that as a folder in the same snap-in just below “Personal”. So how can we do that?

EXPORT

• Right-click the certificate
• Select All Tasks
• Export… from the context menu.
• Click Next on the certificate export wizard.
• Leave the “Do not export the private key” option untouched, click Next.
• Accept the default on the next screen, i.e. “DER encoded binary X.509” should stay selected, then click Next.
• Provide a name and a location for the exported file. Call it “localhost” and save it in a location where you can easily find it.
• Click Next and the Finish.

There should be a popup message saying that the export was successful.

IMPORT

• Next right-click the folder called Trusted Root Certification Authorities and select All Tasks
• Import… from the context menu.
• Leave the “Local Machine” option untouched in the certificate import wizard, click Next.
• Browse to the certificate you saved just before.
• Click Next and accept all the default values along the way until you reach the end of the wizard.

There should be a message saying that the import was successful.

If you now go back to the Personal store and double-click the localhost certificate then you should see that it’s trusted:

OK, let’s start the .NET web project again, the opening page should open without any warning. If you still see the same issue then test it a brand new browser session, e.g. here in IE:

You can also view the extracted certificate from the browser window. Here’s an example from IE:

Answer 2

I see this EXACT problem from time to time, when using SSL, and have found that (especially when working on someone else's project in a team environment) the Visual Studio project web settings (SSL ports) sometimes get messed up. Here's what I do to fix them:

• In Solution Explorer, click your project.
• Hit the F4 key (view properties).
• Copy the URL (NOT the SSL URL).
• Paste the URL into the Project Url on the Web Tab, Save.
• In Solution Explorer, click your project.
• Hit the F4 key (view properties).
• Change SSL Enabled to false.
• Change it back to true. There should be a new SSL URL. Copy it.
• Paste the new SSL URL into Project URL on Web tab. Click Create Virtual Directory.
• Click Override application root URL, and paste in SSL URL. Save.

This always solves the issue for me.

Answer 3

@MattW I am using Mac and was facing this issue. I am using Visual Studio 2019 for Mac on macOS Catalina. I opened the "Project Options" for my project and changed "http" to "https" in "App URL" under Default Run Configuration for ASP.NET Core

Screenshot: Project Options in VS 2019 for mac

I already had a self-signed certificate for localhost, so Visual Studio gave me a message box asking to use that Development certificate from Keychain. It asked my password and used the certificate. The application worked without any issue on "https"

Screenshot: Development certificate found message

In case you do not have the development certificate you can generate one, using following command in your Mac:

dotnet dev-certs https --clean
dotnet dev-certs https --trust

Read more at https://docs.microsoft.com/en-us/aspnet/core/security/enforcing-ssl?view=aspnetcore-3.1&tabs=netcore-cli