Craftsman at work

I'm Artur Karbone, coding software architect and independent IT consultant and this is my blog about craftsmanship, architecture, distributed systems, management and much more.

.NET Core: Playing with self-signed certificates

.NET CLI has a command dev-certs to deal with self-signed development certificates. If the project is launched via Visual Studio F5 the certificate is going to be created under the hood.

Let's go ahead and delete the available cert for further experiments:

dotnet dev-certs https --clean

Now when you launch your app via

dotnet run

You will keep getting an error like this:

: Microsoft.AspNetCore.Server.Kestrel[0] Unable to start Kestrel. System.InvalidOperationException: Unable to configure HTTPS endpoint.No server certificate was specified, and the default developer certificate could not be found or is out of date.
To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
For more information on configuring HTTPS see

Amazing hint. So now we know that we need to run 2 commands to enable the certs locally. Let's start with the first one

dotnet dev-certs https -ep %USERPROFILE%.aspnet\https\aspnetapp.pfx -p test -v

Now we can launch the app without errors

dotnet run

However or browser keep saying that: Your connection is not private

Let's run the second command to trust the certificate we just created:

dotnet dev-certs https --trust

All green now.

More info here.

comments powered by Disqus