How To Disable Https in Visual Studio 2017 Web Proj ASP.NET Core 2.0

33
votes

I've created a default project in Visual Studio 2017 with ASP.NET Core 2.0. I've chosen the Web App with MVC and with Individual Use Auth. By default, it is coming up configured and working with https. I've tried disabling that by going into project properties and removing the user ssl and changing https to http but then I get either and IIS Express Connection error or a 404.

I've not see default https before. Where is that coming from and where can I disable it?

5
visual-studioasp.net-corevisual-studio-2017iis-expressasp.net-core-2.0
For .net framework see stackoverflow.com/a/43886999/939213ispiro

5 Answers

50
votes

I've just created a default MVC app using net core 2.0.

To disable SSL, you need to do 2 steps. You can do this either by using the Visual Studio GUI, or by editing the launchsettings.json (further down)

  • go to your project properties
  • In the Debug category uncheck the SSL option
  • Copy the App Url over to the Start browser input enter image description here

Et voila:

enter image description here

If you are not a fan of using the interface, you can alternatively edit the launchsettings.json file, by setting sslPort: 0 and "launchUrl": "http://localhost:13121/" (or where ever you want to launch the application)

{
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:13121/",
      "sslPort": 0 
    }
  },
  "profiles": {
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "launchUrl": "http://localhost:13121/",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "WebApplication1": {
      "commandName": "Project",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      },
      "applicationUrl": "http://localhost:13122/"
    }
  }
}
14
votes

I was just having this same issue (ie. I needed a non-SSL URL to establish a working ngrok.com tunnel)

There's probably an alternative unsecured localhost URL defined.

I realize the question is to disable the secured one, but you probably don't need to. You probably already have an unsecured one defined.

Admittedly, I inherited this project so I'm not aware if a default project would be configured the same. My assumption is that there's an unsecured URL already available for you that you might be overlooking.

Just look in the "Development Server" properties.

See my screenshot below:

enter image description here

12
votes

Go to App Properties and uncheck "Enable SSL"

Go to App Properties and uncheck "Enable SSL"

0
votes

If the answer provided by @Marco didn't resolved the issue you can try this,

When you create new .net core mvc application there will be default meta tag generated in _Layout cshtml to upgrade the http request to https ( "http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"). When you deploy your application to server without http you may need to remove the below tags

http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"

Also comment the below line from Startup.cs file

app.UseHttpsRedirection();

0
votes

It's most likely in your publish settings.

I had this issue and I simply went to the publish settings and discovered that after the build, the publish url contained https.