问题
I'm trying to test my website locally using SSL with IIS Express. It has the following properties set:
SSL Enabledset to 'true'SSL URLis set https://localhost:44354/
But whenever I open the https address, I get the following error:
In "Microsoft Edge":
In Google Chrome:
I've read article after articles, including some on SO but to no avail. I've tried the following:
- I've deleted my
IIS Express Development Certificate - I've repaired
IIS Express 10via theControl Panel - I've removed the
localhostcertificate I had created manually. - I've added
<binding protocol="https" bindingInformation="*:44354:localhost" />to thebindingssection the applicationhost.config - I've stopped and restarted
IIS Express. - Some suggest to change the port to 443 but my
SSL URLis read-only in.NET IDE. - Some articles I've read:
- Running IIS Express without Administrative Privileges
- How do I fix a missing IIS Express SSL Certificate?
- IIS Express — Getting SSL to Work
- and many more...
Any help would be greatly appreciated.
Thanks.
回答1:
I finally figured it out by following this article How to trust the IIS Express Self-Signed Certificate but a few additional steps:
Export
IIS Express Developmentcertificate to a local from. This certificate can be found in theServer Certificatessection inIIS 10.0.Open the
Certificate consoleby callingmmc.exe certmgr.mscfrom File|Run.Delete all instances of localhost under the
Trusted Root Certification Authorities|Certificates.Import the newly created certificate. You will get prompted with the following:
- Once imported, I went back to Asp.Net MVC 5 project, recompile it and ran it. When I ran it, I got prompted with the following:
This is when I knew I was on the right track as this was the first time I had ever seen this prompt! Click Yes, and now this prompt appears:
And click Yes on this prompt as well. Your project will then launch the relevant browser.
Go to the https address defined in your .net project, in my instance, https://localhost:44354/, and you will now see the padlock displayed in the address bar to indicate that it is a secure site:
Most of these answers were already available in different answers provided on SO but the points that were missing or that I missed were that I had to export my IIS Express Development certificate, delete all localhost entries (which I had done) and then re-import this certificate. Once done, .NET detects the change and you get prompted accordingly.
Anyway, I hope this will help others.
回答2:
Self signed certificates need to be trusted or browsers won't accept them. You can easily use Jexus Manager to configure that,
https://www.jexusmanager.com/en/latest/tutorials/self-signed.html#to-trust-self-signed-certificate
While if you prefer manually, you can import the certificates to the Trusted Root Certificate Authority store in Windows.
Learn more about SSL, certificates, stores and so on (Google each of them and learn them thoroughly), so that next time you really understand what is the culprit before trying so many irrelevant things.
Jexus Manager also has an SSLDiag feature to identify potential issues,
https://www.jexusmanager.com/en/latest/tutorials/ssl-diagnostics.html
But you need to know enough so as to interpret its output correctly.
来源:https://stackoverflow.com/questions/46596915/using-ssl-with-localhost-with-asp-net-mvc-5-on-vs2015