Setting up SSL certificate in Visual Studio

Question

I have a fresh install of Visual Studio Community 2019 on a new computer. I started a web app project, ran it for the first time, and then when prompted to accept the self-signed certificate I somehow managed to click "Do Not Ask Again" and "No".

At this point, when running the web app, I get a ERR_CONNECTION_RESET and can't connect to anything. I've tried deleting and recreating the certificate using advice listed here: Re-Installing Visual Studio 2017 Localhost Certificate, as well as reinstalling VS entirely, but neither worked.

To be clear, I messed up, not Visual Studio. As far as I can tell, there's nothing particular about my set up or environment, and I've built web apps in Visual Studio before, I just clicked the wrong things this time and am trying to undo that without factory resetting this entire PC.

Does anyone have any idea how I can trigger that original prompt in Visual Studio and get a properly signed certificate to run a web application?

[SOLVED]

now you are able to mark it as the accepted answer. – Jack J Jun Jun 07 '21 at 05:32 — Jack J Jun, Jun 07 '21 at 05:32

jeff_hinton · Accepted Answer · 2021-06-11T17:23:03.217

If anyone has this very specific issue again, I'll post what I did to fix it (from this forum thread: https://developercommunity.visualstudio.com/t/cant-debug-aspnet-applications-err-connection-rese/1239592?viewtype=all)

~~1. In VS: Tools > Command Line > Developer Command Prompt, run devenv /resetsettings (this will also reset some customization settings)~~ Edit: not needed, thanks lex-li!

Remove potentially malformed certificates:

In User Certificate Manager (certmgr.msc) AND Computer Certificate Manager (certlm.msc):
Personal > Certificates > if a localhost certificate exists there, delete it
Trusted Root Certification Authorities > Certificates > if a localhost certificate exists, delete it

Repair IIS 10.0 Express:

Control Panel > Programs & Features > Right Click IIS Express > Repair
It will ask for a file path o a .msi installation file, but VS doesn't store one for IIS Express
Look for a hidden file _package.json in the directory C:\ProgramData\Microsoft\VisualStudio\Packages\Microsoft.VisualStudio.IISExpress.Msi,version=xx.xx.xxxxx.xxx,chip=x64
Copy the "url" (which should point to the correct .msi file) in _package.json into the file path asked for by the Repair prompt
Verify the repair worked by running netsh http show sslcert ipport=0.0.0.0:44390 in the command prompt (ensure the Certificate Hash field is present).

Restart Visual Studio, debug your application, you should get the same Trusted Certificate prompt you misclicked the first time. (You can check the User Certificate Manager to see a new localhost certificate has been installed correctly)

Actually you don't need to reset VS settings and many of the steps. Jexus Manager can reveal which certificate bindings are invalid, https://docs.jexusmanager.com/tutorials/https-binding.html and then you can recreate them to address the issue. — Lex Li, Jun 03 '21 at 00:00

score 13 · Answer 2 · edited Aug 26 '23 at 20:30

13

Simply open the terminal:

dotnet dev-certs https --clean
dotnet dev-certs https --trust

edited Aug 26 '23 at 20:30

David Bond

149
1
9

answered Apr 30 '22 at 04:10

Bazoo Studios LLC

131
1
3

3

This alone didn't solve it for me. I also had to use the VS Installer to repair my VS 2022. Then after a reboot, I launched VS and ran my Web project. VS then prompted me to trust the IIS Express certificate. Then the issue was fixed. – RonC Sep 28 '22 at 18:00

score 0 · Answer 3 · answered Jun 02 '21 at 19:39

0

You can create a self-signed certificate using dotnet dev-certs It'll be stored in your PC's certificate store and VS will use it when scaffolding new projects with SSL support.

https://learn.microsoft.com/en-us/dotnet/core/additional-tools/self-signed-certificates-guide#create-a-self-signed-certificate

answered Jun 02 '21 at 19:39

Ibrahim Abdelkareem

835
5
10

Thanks for the response. I tried the suggestions listed on that page, scaffolded a new project, and was unfortunately met with the same problem. I ran `dotnet dev-certs https -ep $env:jeff\.aspnet\https\WebApplication1.pfx` followed by `dotnet dev-certs https --trust`, and clicked yes on the prompt that appeared. When running a new web app, I still got a ERR_CONNECTION_RESET message. – jeff_hinton Jun 02 '21 at 19:52
3

The .NET Core self signed certificate is not related to IIS Express's, so your suggestion does not help. – Lex Li Jun 03 '21 at 00:03

score 0 · Answer 4 · answered Jul 24 '23 at 17:04

I had issue with SignalR client failing to connect/subscribe to localhost hub in development only, because the localhost dev cert was not a trusted root certificate; likely caused by browser security requirements.

Using 'MMC' export localhost 'ASP.NET Core HTTPS ...' cert from 'Personal Certificates' and import into 'Trusted Root Certificates'.

Setting up SSL certificate in Visual Studio

4 Answers4

Linked