How To Disable Https in Visual Studio 2017 Web Proj ASP.NET Core 2.0

Question

I've created a default project in Visual Studio 2017 with ASP.NET Core 2.0. I've chosen the Web App with MVC and with Individual Use Auth. By default, it is coming up configured and working with https. I've tried disabling that by going into project properties and removing the user ssl and changing https to http but then I get either and IIS Express Connection error or a 404.

I've not see default https before. Where is that coming from and where can I disable it?

Answer 1

I've just created a default MVC app using net core 2.0.

To disable SSL, you need to do 2 steps. You can do this either by using the Visual Studio GUI, or by editing the launchsettings.json (further down)

• go to your project properties
• Uncheck the SSL option
• Copy the App Url over to the Start browser input
  

Et voila:

If you are not a fan of using the interface, you can alternatively edit the launchsettings.json file, by setting sslPort: 0 and "launchUrl": "http://localhost:13121/" (or where ever you want to launch the application)

{
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:13121/",
      "sslPort": 0 
    }
  },
  "profiles": {
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "launchUrl": "http://localhost:13121/",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "WebApplication1": {
      "commandName": "Project",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      },
      "applicationUrl": "http://localhost:13122/"
    }
  }
}

Answer 2

Go to App Properties and uncheck "Enable SSL"

Answer 3

I was just having this same issue (ie. I needed a non-SSL URL to establish a working ngrok.com tunnel)

There's probably an alternative unsecured localhost URL defined.

I realize the question is to disable the secured one, but you probably don't need to. You probably already have an unsecured one defined.

Admittedly, I inherited this project so I'm not aware if a default project would be configured the same. My assumption is that there's an unsecured URL already available for you that you might be overlooking.

• If I'm wrong this answer seems good (Ngrok errors '502 bad gateway'), but again I didn't need to try it.

Just look in the "Development Server" properties.

See my screenshot below:

Answer 4

If the answer provided by @Marco didn't resolved the issue you can try this,

When you create new .net core mvc application there will be default meta tag generated in _Layout cshtml to upgrade the http request to https ( "http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"). When you deploy your application to server without http you may need to remove the below tags

http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"

Also comment the below line from Startup.cs file

app.UseHttpsRedirection();