35

I've created a default project in Visual Studio 2017 with ASP.NET Core 2.0. I've chosen the Web App with MVC and with Individual Use Auth. By default, it is coming up configured and working with https. I've tried disabling that by going into project properties and removing the user ssl and changing https to http but then I get either and IIS Express Connection error or a 404.

I've not see default https before. Where is that coming from and where can I disable it?

Nkosi
  • 235,767
  • 35
  • 427
  • 472
Peter Kellner
  • 14,748
  • 25
  • 102
  • 188

5 Answers5

54

Update .Net 6

If you stumbled across this question, but are looking to disable SSL in .Net 6, follow these instructions:

  1. Disable SSL redirection by removing app.UseHttpsRedirection();
  2. (optional) define a default port to listen to with app.Run("http://localhost:5000"); If omitted, a random port will be assigned.

Original answer for .Net Core 2.0:

I've just created a default MVC app using net core 2.0.

To disable SSL, you need to do 2 steps. You can do this either by using the Visual Studio GUI, or by editing the launchsettings.json (further down)

  • go to your project properties
  • In the Debug category uncheck the SSL option
  • Copy the App Url over to the Start browser input enter image description here

Et voila:

enter image description here

If you are not a fan of using the interface, you can alternatively edit the launchsettings.json file, by setting sslPort: 0 and "launchUrl": "http://localhost:13121/" (or where ever you want to launch the application)

{
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:13121/",
      "sslPort": 0 
    }
  },
  "profiles": {
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "launchUrl": "http://localhost:13121/",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "WebApplication1": {
      "commandName": "Project",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      },
      "applicationUrl": "http://localhost:13122/"
    }
  }
}
Marco
  • 22,856
  • 9
  • 75
  • 124
  • 1
    Although this works, when I log in to my site, it successfully logs me in, but then never sets the auth cookie which means I can't access Admin pages – MikeT Nov 08 '17 at 18:21
  • 1
    Tipp: The launchUrl accepts relative URLs, so you actually don't have to copy the scheme and host there. Just enter / oder leave it empty. – Jpsy Jun 04 '18 at 12:15
  • 1
    it looks like once sslPort is set, iisexpress won't go back to http after the sslPort is set to 0 again. – koo9 Jun 07 '19 at 14:44
  • So this is yet another Microsoft bug in Visual Studio? It just gets worse every upgrade. ugh! – MC9000 Jun 10 '19 at 03:16
  • How can we disable it on mac? – Harish Kumar May 05 '20 at 14:00
15

I was just having this same issue (ie. I needed a non-SSL URL to establish a working ngrok.com tunnel)

There's probably an alternative unsecured localhost URL defined.

I realize the question is to disable the secured one, but you probably don't need to. You probably already have an unsecured one defined.

Admittedly, I inherited this project so I'm not aware if a default project would be configured the same. My assumption is that there's an unsecured URL already available for you that you might be overlooking.

Just look in the "Development Server" properties.

See my screenshot below:

enter image description here

Bret Royster
  • 541
  • 1
  • 5
  • 15
  • 1
    Downvoted because question is about ASP.NET _Core_ and answer is about ASP.NET (Framework) – ProgrammingLlama Jul 06 '18 at 02:40
  • 4
    Upvoted because I wasn't looking for an answer relating to ASP.NET *Core*, and wanted to find an answer about ASP.NET (Framework). Unfortunately, even having set the `Enable SSL` setting to *False*, the damn thing keeps trying to open on HTTPS which I don't have set up so this hasn't helped anyway. – Ortund Oct 08 '18 at 22:20
  • instead of hiding parts of the image please consider to use dummy project to point to the information if the name of the project is so sensitive, otherwise don't put images at all and use text only for instructions – Eslam Badawy Oct 29 '18 at 08:59
  • @EslamBadawy The instructions were "Just look in the "Development Server" properties." So the image should only add to that... – Bret Royster Jan 30 '19 at 20:40
  • Where do you find the "Development Server" properties? I have the same problem - VS insists on SSL and SSL is not defined anywhere. – MC9000 Jun 10 '19 at 03:14
  • never mind. Dotnet Core apps don't have this feature. – MC9000 Jun 10 '19 at 03:22
13

Go to App Properties and uncheck "Enable SSL"

Go to App Properties and uncheck "Enable SSL"

Ranch Camal
  • 501
  • 1
  • 4
  • 12
  • Unfortunately, this no longer works in Visual Studio. It's an unresolved bug that MS refuses to admit. – MC9000 Jun 10 '19 at 03:17
0

If the answer provided by @Marco didn't resolved the issue you can try this,

When you create new .net core mvc application there will be default meta tag generated in _Layout cshtml to upgrade the http request to https ( "http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"). When you deploy your application to server without http you may need to remove the below tags

http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"

Also comment the below line from Startup.cs file

app.UseHttpsRedirection();

SHIBIN
  • 397
  • 3
  • 5
0

It's most likely in your publish settings.

I had this issue and I simply went to the publish settings and discovered that after the build, the publish url contained https.

Peyman Mohamadpour
  • 17,954
  • 24
  • 89
  • 100
gspotprod
  • 25
  • 2