I met this error IDX21323 OpenIdConnectProtocolValidationContext.Nonce was nul and per my searching, it required to use https instead of http.
We can follow this document to create a self-host webapi use OWIN, but the base url is http.
So requirement is enable https for the url. Then how to do it?
I had my way below, but I also want to know a normal way for enabling https...
Thanks for any other advice!
Follow this document, I can use makecert.exe to create a self-signed certificate but I don't know why after I followed the doc to add certificate to Trusted Root Certification Authorities, the certificate didn't appear in the list.(Maybe it require a reboot?)
makecert.exe -n "CN=Development CA" -r -sv TempCA.pvk TempCA.cer
makecert.exe -pe -ss My -sr CurrentUser -a sha1 -sky exchange -n "CN=name"
-eku 1.3.6.1.5.5.7.3.2 -sk SignedByCA -ic TempCA.cer -iv TempCA.pvk
But it made me find there's a certificate issued localhost in the list.
I remembered it is generated by Visual Studio. When we use IIS Express to run the web application via Visual Studio, it will generate it for us. So I want to use it for my Owin api. Then I found this answer. It informed me that I don't need to do any changes in my code, I only need to run a netsh command to bind the certificate to the port.
Then this is the document about how to use command to bind the port with certificate.
And this is the command I used. Getting thrumbprint from certificate and generate guid from an online tool.
netsh http add sslcert ipport=0.0.0.0:8099 certhash=5c50eaxxxxxxz29daea9 appid={ad9f5133-25cd-412a-974c-059bbde7cb3e}
