20

I run localhost on my Windows 8.1 (Bootcamp on Mac) and need to enable ssl.

I have already default server certificates on 127.0.0.1 and localhost. I have the localhost one assigned to my websites on port 443.

https still returns security error so I need to work on http

My websites run on 44300 port (eg. localhost:44300) I tried to bind the certificate to 44300, still it didn't work.

How to make my locahost to work with https? Thanks

enter image description here

enter image description here

enter image description here

EDIT

The certificate is issued by localhost and is within Trusted Root Certification Authorities:

enter image description here

Btw I followed this thread to issue the certificate for my website: Enable SSL in Visual Studio

nickornotto
  • 1,946
  • 4
  • 36
  • 68
  • What is the contents of your certificate, i.e. is it even valid for the URL you use it? – Steffen Ullrich May 14 '15 at 15:25
  • @Steffen I believe they are built-in certificates as they were already there after I installed windows – nickornotto May 14 '15 at 15:37
  • Which does not say anything about the contents of the certificates. Maybe they are simply not suitable for what you are trying to do. – Steffen Ullrich May 14 '15 at 15:49
  • ok, so what I'm supposed to do @Steffen? I added self-signed certificate and it didn't work either. In other words - how can I check whether self-signed or built-in certificate is suitable for what I'm doing or not? – nickornotto May 14 '15 at 16:02
  • The certificate must match the hostname of the URL. Browser usually let you look into the certificate if you add it as trusted. – Steffen Ullrich May 14 '15 at 16:14
  • @Steffen it matches the hostname which is localhost – nickornotto May 14 '15 at 20:56
  • What browser are you using? – Steffen Ullrich May 14 '15 at 21:15
  • same is in firefox though. I can add an exception but still it treats the connection as unsecure – nickornotto May 15 '15 at 07:45
  • I've created for testing a self-signed certificate for localhost and successfully use it as trusted certificate in Chrome and Firefox. Which means you do something different but without knowing what you actually do it is hard to help. Chrome has usually more detailed error messages than just "security error", so maybe you could add more details to your question. – Steffen Ullrich May 15 '15 at 10:55
  • @Steffen I have added imgs to inllustrate what I have – nickornotto May 26 '15 at 13:02
  • Chrome says clearly that the certificate is untrusted. What did you do to make the certificate trusted? Any certificates not issued by a public CA known to the browser have no implicit trust, i.e. the user must manuelly add them as trusted. Note that settings on the server side do not make it trusted, it has to be done on the client side (browser). – Steffen Ullrich May 26 '15 at 15:25
  • @Steffen I followed instructions in this solution: https://stackoverflow.com/questions/39183773/enable-ssl-in-visual-studio I have edited my post to include the certificate I currently have above – nickornotto Oct 24 '18 at 17:23
  • I have no idea why it took you 3 years to provide the necessary information but based on this it is a duplicate of other question, i.e. you simply did not add this certificate as trusted to the browser and by default it will not trust self-signed certificates. – Steffen Ullrich Oct 24 '18 at 17:34
  • @Steffen I did say I added it to trusted, not sure why you're implying I did not? I just worked 3 years on browser's exception on localhost, it's doable... – nickornotto Oct 24 '18 at 17:39
  • The error message clearly says it is not trusted. I'm not really sure what image should prove that the certificate is trusted - there is one where the certificate is issued to nothing (valid from 22/10/2018) and one where it is issued to localhost (valid from 24/10/2018). These are clearly different certificates. I have no idea what certificate is served by your IIS and which certificate is trusted by your browser - likely different ones. – Steffen Ullrich Oct 24 '18 at 17:45
  • @Steffen, the last certificate. See my comment below the first answer. Thanks – nickornotto Oct 24 '18 at 17:46
  • This comment says that you've actually did not properly import the certificate as trusted first - and after you did this it worked with Chrome. As for you new problem with Firefox: it has a separate certificate store and you need to import it there as trusted too. – Steffen Ullrich Oct 24 '18 at 18:30

2 Answers2

39

It is probably because it is not installed in Trusted Root Certification Authorities.

enter image description here

Solve this by starting mmc.exe.

Then go to:

File -> Add or Remove Snap-ins -> Certificates -> Add -> Computer account -> Local computer

Expand the Personal folder and you will see your localhost certificate:

enter image description here

Copy this into Trusted Root Certification Authorities - Certificates

The final step is to open Internet Information Services (IIS) Manager or simply inetmgr.exe. From there go to your site, select Bindings... and Add... or Edit.... Set https and select your certificate from the drop down.

enter image description here

Your certificate is now trusted:

enter image description here

Original answer:

https://stackoverflow.com/a/48790088/3850405

Ogglas
  • 62,132
  • 37
  • 328
  • 418
  • @nickornotto issued to needs to be localhost – Ogglas Oct 22 '18 at 22:19
  • I redid the certificate and it is issues by localhost, see my edited post – nickornotto Oct 24 '18 at 17:24
  • @nickornotto Is the certificate really in Local computer - Trusted Root Certification Authorities? It won't work with Current User - Trusted Root Certification Authorities. Also click the lock icon in your browser and view what certificate is being sent. If you follow my link to original answer you will get it right. – Ogglas Oct 24 '18 at 17:39
  • ok, I have now run it in Chrome and it works! In Firefox though it doesn't work even though I cleaned cookies. But it works in MS Explorer too so the certificate is fine. Thanks for help – nickornotto Oct 24 '18 at 17:44
  • @nickornotto No problem! Please mark the answer as the correct solution if it helped you solve it. – Ogglas Oct 24 '18 at 18:20
  • @nickornotto can't work for me,, my website (localhost) still not secure (Invalid Certifiicate),, any suggestion for me? – Diale Nov 04 '20 at 04:26
  • I couldn't find `inetmgr` but the first step still resolved my problem. Would love to see a `powershell` or batch equivalent! Maybe another day, I've got going on to tackle. – FreeSoftwareServers Jan 03 '22 at 23:34
8

Try to install Microsoft IIS Administration from https://manage.iis.net/get it will create a certification for your local server then use https://manage.iis.net/connect , get an Access Token and connect it check your localhost on https https://localhost

MHogge
  • 5,408
  • 15
  • 61
  • 104
Ghassen Rachid
  • 81
  • 1
  • 3