14

I want to test Azure Function Http trigger locally on windows.

I use azure-function-core-tools to run command like func start --port 5007 --useHttps

And then I got error : Auto cert generation is currently not working on the .NET Core build.

It seems like that I should use command like func start --port 5007 --useHttps --cert certificate.pfx after I creating a self-signed certificate locally.

If there is a way to enable https easily?

The way like when I use .net core webapi, I easily export env:ASPNETCORE_URLS=https://localhost. And after clicking some button, I can use https well. Do we have some thing like this?

Or if func start --port 5007 --useHttps is enough but i miss some configuration?

Thank you!

south
  • 307
  • 4
  • 13

5 Answers5

21

Update Answer:

func start --port 5007 --useHttps will not automatic create certificate after azure function v1. azure function v2 and azure function v3 tools which is based on .Net Core will not create certificate for you. You should generate the certificate manully.

Original Answer:

I can reproduce your error:

enter image description here

Solution:

Use administrator to start your powershell, go to your function app folder, and then use this command:

$cert = New-SelfSignedCertificate -Subject localhost -DnsName localhost -FriendlyName "Functions Development" -KeyUsage DigitalSignature -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.1")

And then create the certificate file:

Export-PfxCertificate -Cert $cert -FilePath certificate.pfx -Password (ConvertTo-SecureString -String 123 -Force -AsPlainText)

At last, I can use https:(below command runs in windows cmd.)

func host start --port 5007 --useHttps --cors * --cert certificate.pfx --password 123

enter image description here

Cindy Pau
  • 13,085
  • 1
  • 15
  • 27
  • Hi, thanks much for your answer! Actually I know the way you mentioned above to start a https trigger. I am wondering if we can easily use command ``` func host start --port 5007 --useHttps ``` to start it straightly but not to add "--cert certificate.pfx" every time. What exactly I want is a way that ask azure-function-tool to automatically generate a default debug cert and use it when start functions. So that I do no necessarily need to create a certfile by myself like what webapi does when debug. – south Jun 19 '20 at 02:26
  • 1
    @south It is the problem of `azure-functions-core-tools`. The offcial document indeed say `--useHttps` will automatic create certificate to run azure function with https. But in fact, it only works in azure function v1.(Azure function v1 will automatic generate certificate, it si no problem.) azure function v2 and v3 which is based on .Net Core no longer automatic generate certificate any more. I think you can only generate certificate manully now. – Cindy Pau Jun 19 '20 at 07:30
  • @south Azure function teams may not improve this feature any more. After all, the azure function will not running locally when in production. After you publish your function app to azure, https will be supprtted be default.(Http also supportted unless you ban it.) – Cindy Pau Jun 19 '20 at 07:30
  • @south `func start --port 5007 --useHttps` will not generate certificate for you after 'azure function v1'. So you need to create manually. – Cindy Pau Jun 19 '20 at 07:33
  • Thank you so much for your answer! OK, now I can set a task on generating cert automatically in my project :) – south Jun 22 '20 at 02:14
  • You have to save the certificate in the ```bin/debug/netcoreapp``` folder of the functionapp else it won't work! – Tim Geerts Mar 12 '22 at 13:24
  • With azure core tools 4.0 it appears that `--useHttps` is working once more without the need to generate a certificate manually. – MHebes Jun 21 '23 at 21:29
3

As an addition to Bowman Zhu's answer, you can also configure VS to then use the certificate when you run the project.

Go to the project properties and select the Debug tab. In the Application arguments, add the following:

host start --useHttps --cert "certificate.pfx" --password "123"

You can also include the certificate within your project and set it to Copy if newer to deploy it to your bin.

Carl Howarth
  • 83
  • 7
2

Azure Function Core Tools (V2) now has a new switch so that you don't have to use the --cert and --password switches any more. You can now use:

host start --useHttps --useDefaultCert

Additionally, for completeness, you can create your local self-signed certificate for dotnet core using:

dotnet dev-certs https --trust
Craig
  • 932
  • 1
  • 11
  • 21
1

In addition to @cindy-pau 's excellent answer, if you are attempting to Debug from Visual Studio (perhaps with multiple startup projects), the Functions are started at "[PROGRAM_FILES]\dotnet" which will not find "certificate.pfx". Using an absolute path is no good in case devs have different source roots. It does seem that VisualStudio Macros are expanded before passing the arguments to the Funtions Runtime, so you can use something like $(ProjectDir) to find a project-relative certificate using the Debug->General->LaunchProfiles->Command Line Arguments dialog.

--port 7114 --useHttps --cert $(ProjectDir)\certificate.pfx --password "XXXXXX"

VS Function Debug ARgs

pseabury
  • 1,615
  • 3
  • 16
  • 30
1

I couldn't get it to work, kept getting 'NET::ERR_CERT_AUTHORITY_INVALID' in the browser. It started working when I did this:

  1. Removed all Certificates with Friendly Name 'Functions Development'
  2. Generated the pfx as above
  3. Imported the pfx into certificate store location 'Trusted Root Certification Authorities'
  4. Restarted my machine
Mcanic
  • 1,304
  • 16
  • 22
  • This worked for me except I didn't have to restart my machine. I just closed all open instances of Visual Studio and that did the trick.<- Windows 11 / VS 2022 – BeanFlicker Jun 01 '23 at 21:26