0

I can't access the API vía AJAX because the SSL certificate is self signed. How can I change the certificate?

I can't find any options on the Startup Class. Nor project properties.

EDIT: I'm not trying to acces the API from my own machine(which already trusts the certificate) i'm trying to do it from other machines that don't.

If I open swagger(which also uses the same cert) i can click on "trust" certificate and then it works, however that's not an option since swagger won't be accesible

Alex Coronas
  • 468
  • 1
  • 6
  • 21
  • 2
    Does this answer your question? [Bypassing SSL certificate error in jQuery and AJAX](https://stackoverflow.com/questions/25723415/bypassing-ssl-certificate-error-in-jquery-and-ajax) – Lukasz Szczygielek Apr 04 '20 at 22:27
  • No, already checked that post and many others, all the solutions only work for local machine – Alex Coronas Apr 04 '20 at 22:44

1 Answers1

0

I assume that you can't access the API you are currently developing.

SSL certificate is usually handled by HTTP server which serves your application, not application itself. During development dotnet creates self-signed certifcate for developer which should be trusted by operating system, so that also by browser you use. To trust you can run dotnet dev-certs https --trust according to docs.

glabek94
  • 71
  • 1
  • 3
  • I can access it locally, the problem occurs when the petitons come from the webserver or any other machine – Alex Coronas Apr 04 '20 at 22:43
  • So there is no graceful workaround to it. It is how web works: if you use HTTPS you have to trust certificate. If it is self-signed by someone you shouldn't trust it. You can either install this self-signed certificate on each machine you want to make a request to your API from or get a proper SSL certificate from CA and use it. Look for Let's encrypt for example. For debugging, and only for it, you can also turn HTTPS down and use only HTTP. But it is highly not recommended as whole communication will be in plain text. – glabek94 Apr 04 '20 at 23:02
  • But how can I change the certificate that Visual Studio uses? – Alex Coronas Apr 04 '20 at 23:16
  • 2
    It is not Visual Studio which uses certificate, it is server which serves your application. It is probably IIS Express or IIS. – glabek94 Apr 04 '20 at 23:18