Enable SSL in Visual Studio

21

votes

I have enabled SSL in Visual Studio as shown below:

I have also set the below:

When I access the website via IE (via Visual Studio debugging) I see this:

When I access the website via Firefox (via Visual Studio debugging) I see this:

There is no option to progress to the website in either Firefox or IE. I have spent all day trying to understand what is wrong. What am I doing wrong?

c#.netvisual-studiossl

Do you have certificate? I suppose you use self-signed ssl certificate (not trusted) so browser prevents you to open page. When you click "Learn more" you should be able to open page despite unsecure certificate. - pwas

@nopeflow, Learn more takes me to a Mozilla troubleshooting webpage. - w0051977

@nopeflow, how do you configure the certificate in Visual Studio? - w0051977

Ah I see, so something else is wrong. - pwas

@nopeflow, any ideas what this is? - w0051977

51

votes

I see this EXACT problem from time to time, when using SSL, and have found that (especially when working on someone else's project in a team environment) the Visual Studio project web settings (SSL ports) sometimes get messed up. Here's what I do to fix them:

In Solution Explorer, click your project.
Hit the F4 key (view properties).
Copy the URL (NOT the SSL URL).
Paste the URL into the Project Url on the Web Tab, Save.
In Solution Explorer, click your project.
Hit the F4 key (view properties).
Change SSL Enabled to false.
Change it back to true. There should be a new SSL URL. Copy it.
Paste the new SSL URL into Project URL on Web tab. Click Create Virtual Directory.
Click Override application root URL, and paste in SSL URL. Save.

This always solves the issue for me.

36

votes

Say you have a .NET MVC or Web API project and you’d like to run it on SSL. In other words you’d like to start up the project on a URL similar to https://localhost:xxxx. The first step is easy. You just select the MVC/Web API project name in the solution and locate the property called “SSL Enabled” in properties window:

The same properties window will also show the HTTPS url for the application. In the above example it’s https://localhost:44300/. Copy that URL and go to the project properties window. Locate the Web tab and override the Project Url property with the https address:

Start the application. You’ll likely get a message in the browser saying that the localhost address is not trusted, you can continue to the website at your own risk. Here’s a Chrome example in Swedish:

The problem is that the certificate that was installed automatically for you by Visual Studio is not trusted. You can locate the certificate in the Personal folder of the computer-level certificates in the certificates snap-in:

If you double-click the certificate you’ll see that it’s not trusted:

The message also provides the solution: the certificate must be imported into the trusted root certification authorities folder. You’ll see that as a folder in the same snap-in just below “Personal”. So how can we do that?

EXPORT

Right-click the certificate
Select All Tasks
Export… from the context menu.
Click Next on the certificate export wizard.
Leave the “Do not export the private key” option untouched, click Next.
Accept the default on the next screen, i.e. “DER encoded binary X.509” should stay selected, then click Next.
Provide a name and a location for the exported file. Call it “localhost” and save it in a location where you can easily find it.
Click Next and the Finish.

There should be a popup message saying that the export was successful.

IMPORT

Next right-click the folder called Trusted Root Certification Authorities and select All Tasks
Import… from the context menu.
Leave the “Local Machine” option untouched in the certificate import wizard, click Next.
Browse to the certificate you saved just before.
Click Next and accept all the default values along the way until you reach the end of the wizard.

There should be a message saying that the import was successful.

If you now go back to the Personal store and double-click the localhost certificate then you should see that it’s trusted:

OK, let’s start the .NET web project again, the opening page should open without any warning. If you still see the same issue then test it a brand new browser session, e.g. here in IE:

You can also view the extracted certificate from the browser window. Here’s an example from IE:

3

votes

@MattW I am using Mac and was facing this issue. I am using Visual Studio 2019 for Mac on macOS Catalina. I opened the "Project Options" for my project and changed "HTTP" to "HTTPS" in "App URL" under Default Run Configuration for ASP.NET Core

I already had a self-signed certificate for localhost, so Visual Studio gave me a message box asking me to use that Development certificate from Keychain. It asked for my password and used the certificate. The application worked without any issue on "HTTPS"

In case you do not have the development certificate you can generate one, using the following command in your Mac:

dotnet dev-certs https --clean
dotnet dev-certs https --trust

0

votes

If you have a Web Site project, with the globe icon in Solution Explorer, enabling SSL goes a little different from a Web App project, with the globe in a rectangle, to which the other answers apply.

The Web Site project does not have the Web Tab. Instead, copy the SSL URL from the project properties (F4) to the Start Url in the project property pages (Shift F4). This step is optional, but if you don't do it, you will have to type the SSL port number manually in your browser.

Besides, for any type of web project, it does not really matter which port number you enter in Properties. The simplest is to accept the number filled in as default by VisualStudio, but another free port number will work just as well.

Of course, you will work with a self-signed certificate, i.e. signed by VS. So the browser might complain about this, and in order to debug your project with SSL, you will have to accept an exception in the browser.

Enable SSL in Visual Studio

4 Answers