Skip to main content

How to create a SSL certificate for your local IIS website using PowerShell

In order to develop apps using the HTTPS URL on your local machine, you should create SSL certificates. 

SSL works by ensuring that any data transferred between users and websites or between two systems remains harder(if not impossible) to read as the data might potentially include some sensitive information, i.e. names, payment details etc. Please read this article for more details. 

Creating a development SSL certificate will stop you from seeing the following error when you visit your local IIS website and potentially save you some headaches in the near future as things get more strict with security.






There are multiple ways to generate a SSL certificate. I prefer to use Windows PowerShell to generate my local certificates and here is how you can do it;

  • Open up PowerShell and run it as an Administrator
  • Type the following command for your project and hit enter.
New-SelfSignedCertificate -DnsName "YOURPROJECTNAME.localhost" -CertStoreLocation "cert:\LocalMachine\My"




  • This will generate an SSL certificate for you. You can check it by going to your IIS / Server Certificates





  • The next step is to open up "Manage computer certificates" to start using your new certificate in your app.











  • Find your new certificate in Personal/Certificates and copy it.







  • Go to Trusted Root Certification Authorities/Certificates and paste your new certificate here.




  • Now you are ready to use your new SSL certificate for you local IIS app. Go to IIS Manager and add a new website or go to your existing website - make sure your project name is same as your certificate name.









  • Go to bindings, add your HTTPS binding using 443 port number and select your new SSL certificate, check "Require Server Name Indication" and save your changes. 








  • Finally, visit your local website and make sure all is good. 





Additional note 10.02.2022:

Today I have learnt from my colleague David B that this approach might create some issues if you are using an old version of Identity Server. 

You can see the problem and solution below - thanks David for your contribution and thanks to my other colleague Lukasz W for helping David to identify and fix the problem. 

Problem: 
Apparently, when you create your certificates using the New-SelfSignedCertificate command that I have shared above, some older versions of Identity Server can not read keys generated in CNG(Crypto-Next Gen) format as they require the older CAPI style certs. 

Solution:
In order to support the older CAPI style while generating your certificates, you should add the  -KeySpec KeyExchange to the end of your New-SelfSignedCertificate command call. 

Before:
New-SelfSignedCertificate -DnsName "YOURPROJECTNAME.localhost" -CertStoreLocation "cert:\LocalMachine\My"

After:
New-SelfSignedCertificate -DnsName "YOURPROJECTNAME.localhost" -CertStoreLocation "cert:\LocalMachine\My" -KeySpec KeyExchange

Comments

Popular posts from this blog

How to fix Git push error: "RPC failed; curl 56 HTTP/2 stream 7 was reset send-pack: unexpected disconnect while reading sideband packet fatal: the remote end hung up unexpectedly"

Problem Today I saw the following problem when I tried to push my changes to a Git server after doing some work for upgrading an Umbraco v7 project to v8.18.8.  Possible reasons After some investigations, it seems like this could be because of the following reasons; Git is not happy with the amount of changes that are being pushed into the server.  There are possible limitations on the server about the size/amount of files that you can push. Your internet connection is not good and stable enough. Your Git client's version is old. Solution options For me, the easiest option was connecting to another Wifi and trying again. Apparently, this option helped quite a few people, so it is worth giving it a try. Unfortunately, it didn't work for me. A bad internet connection wasn't an option for me either, as my internet is pretty fast (500 Mbps). Similarly, my Git client version was the latest version (git version 2.41.0.windows.3).  On StackOverflow, there were a lot of recommendat

How to use JQuery Ajax Methods for Async ASP.NET MVC Action Methods

Making repeatedly calls to async methods can be a nightmare. In this case, it makes sense to use 2 ajax methods, instead of one. Here is a simple solution to overcome this problem. See that  ajaxcalls   is emptied after the success response for the first ajax call and then the second ajax method is used to make one single call to the async action method. Hope it helps. View: @section Scripts{     < script type ="text/javascript">         var smartDebitObject = new Object();         smartDebitObject.MembershipNumber = $( "#MembershipNumber" ).val();         smartDebitObject.ProfileId = $( "#ProfileId" ).val();         smartDebitObject.FirstName = $( "#FirstName" ).val();         smartDebitObject.LastName = $( "#LastName" ).val();         smartDebitObject.AddressLine1 = $( "#AddressLine1" ).val();         smartDebitObject.Postcode = $( "#Postcode" ).val();         smartDebitObject

Umbraco lifehack: How to setup anchor/jump links in Umbraco without making code changes

Today one of my clients created a ticket asking whether it is possible to set up anchor/jump links for an Umbraco content page so that they could link different sections of the page together. This is a common scenario for most Content editors and it should be super easy with any CMS platform, right? Houston, we got a problem! Now an anchor or page jump link is a special URL that takes you to a specific place on a page and it normally requires a unique HTML element ID to link different parts of a page.  When I investigated my issue, I realised that the page sections of the Umbraco page didn't have unique IDs.  View Source Code comes to the rescue In order to resolve the issue without any code changes, I decided to update the content using the built-in View Source Code feature of Umbraco CMS. This feature is available on built-in property editors, like Rich Text Editor and is super handy for checking the code that Umbraco generates for your Front-end website and making minor adju