How to enable SSL for a .NET project in Visual Studio

Say you have a .NET MVC or Web API project and you’d like to run it on SSL. In other words you’d like to start up the project on a URL similar to https://localhost:xxxx.

The first step is easy. You just select the MVC/Web API project name in the solution and locate the property called “SSL Enabled” in properties window:

Enable SSL in Visual Studio properties window

The same properties window will also show the HTTPS url for the application. In the above example it’s https://localhost:44300/. Copy that URL and go to the project properties window. Locate the Web tab and override the Project Url property with the https address:

Override project url to https

Start the application. You’ll likely get a message in the browser saying that the localhost address is not trusted, you can continue to the website at your own risk. Here’s a Chrome example in Swedish:

Localhost is not trusted

The problem is that the certificate that was installed automatically for you by Visual Studio is not trusted. You can locate the certificate in the Personal folder of the computer-level certificates in the certificates snap-in:

localhost certificate in certificates snap-in

If you double-click the certificate you’ll see that it’s not trusted:

localhost certificate is not included among trusted certificates

The message also provides the solution: the certificate must be imported into the trusted root certification authorities folder. You’ll see that as a folder in the same snap-in just below “Personal”. So how can we do that?

Right-click the certificate, then select All Tasks, Export… from the context menu. Click Next on the certificate export wizard. Leave the “Do not export the private key” option untouched, click Next. Accept the default on the next screen, i.e. “DER encoded binary X.509” should stay selected, then click Next. Then you’ll need to provide a name and a location for the exported file. Call it “localhost” and save it in a location where you can easily find it. Click Next and the Finish. There should be a popup message saying that the export was successful.

Next right-click the folder called Trusted Root Certification Authorities and select All Tasks, Import… from the context menu. Leave the “Local Machine” option untouched in the certificate import wizard, click Next. Browse to the certificate you saved just before. Click Next and accept all the default values along the way until you reach the end of the wizard. There should be a message saying that the import was successful.

If you now go back to the Personal store and double-click the localhost certificate then you should see that it’s trusted:

localhost certificate is now trusted

OK, let’s start the .NET web project again, the opening page should open without any warning. If you still see the same issue then test it a brand new browser session, e.g. here in IE:

localhost is loaded in browser without issue

You can also view the extracted certificate from the browser window. Here’s an example from IE:

Certificate details from internet explorer

You can view the list of posts on Security and Cryptography here.

Advertisements

About Andras Nemes
I'm a .NET/Java developer living and working in Stockholm, Sweden.

12 Responses to How to enable SSL for a .NET project in Visual Studio

  1. pravin gundawar says:

    Awesome Andras, u saved my time.

  2. Supriya says:

    Thanks a lot Andras Nemes, this information helped me a lot !!

  3. Diego says:

    Thank you!

  4. Reid says:

    Using Windows 10 and going to Start and typing in cert I was able to get to the Manage Computer Certificates part of the Control Panel. Supposedly the in the control panel though I couldn’t find it directly using that, but clicking on it after it popped up in start as I just described got me to the snap-in you mentioned.

    For future searchers: HTTPS SSL Certificate stopped working with Visual Studio when debugging localhost.

    You fixed my problem, thank you!

  5. Mike Little says:

    Thanks, I get used to going through the various BS answers till I find a work around or a series of work arounds that cure the immediate symptom. Your solution resolves the problem without witchcraft or magic beans! Good work!

  6. Carol Loperena says:

    A good, straightforward approach.

  7. Reed Shilts says:

    Thanks – your clear explanation saved me time!

  8. doesn't work says:

    Nope, didn’t work. — Control-F5 just gives error: “Failed to register URL localhost….”… “Cannot create a file when that file already exists”

  9. Pingback: ERR_SSL_PROTOCOL_ERROR na //localhost w VisualStudio 2015 | Blog Programisty.NET

  10. Valerie K. Bontrager says:

    Thanks! really helped me out.

  11. moiseyo says:

    How I can read HTTPS pages with C# console application
    THank you

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

ultimatemindsettoday

A great WordPress.com site

Elliot Balynn's Blog

A directory of wonderful thoughts

Robin Sedlaczek's Blog

Developer on Microsoft Technologies

HarsH ReaLiTy

A Good Blog is Hard to Find

Softwarearchitektur in der Praxis

Wissenswertes zu Webentwicklung, Domain-Driven Design und Microservices

the software architecture

thoughts, ideas, diagrams,enterprise code, design pattern , solution designs

Technology Talks

on Microsoft technologies, Web, Android and others

Software Engineering

Web development

Disparate Opinions

Various tidbits

chsakell's Blog

Anything around ASP.NET MVC,WEB API, WCF, Entity Framework & AngularJS

Cyber Matters

Bite-size insight on Cyber Security for the not too technical.

Guru N Guns's

OneSolution To dOTnET.

Johnny Zraiby

Measuring programming progress by lines of code is like measuring aircraft building progress by weight.

%d bloggers like this: