Configure a self-signed certificate in Ubuntu to allow HTTPS access with an ASP.NET Core 2.1 application
17-07-20181. Create an asp.net core project as usual and check if you have access using HTTPS.
dotnet new web -o Sample
cd Sample
dotnet restore
dotnet run
1.1 Navigate to https://localhost:5001. Can you read the message Hello World!? Congrats, you can stop reading this guide. If Firefox shows you a Secure Connection Failed message or you have an error message in console like this:
dbug: HttpsConnectionAdapter[1]
Failed to authenticate HTTPS connection.
System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception. ---> Interop+Crypto+OpenSslCryptographicException: error:2006D002:BIO routines:BIO_new_file:system lib
2. Installca-certificates and openssl packages
sudo apt-get install ca-certificates openssl
3. Genereate the .pfx certificate with dotnet command [1]
dotnet dev-certs https -ep ${HOME}/.aspnet/https/aspnetapp.pfx -p crypticpassword
4. Extract the .crt file [2]
cd ${HOME}/.aspnet/https/
openssl pkcs12 -in aspnetapp.pfx -nocerts -out aspnetapp.pfx
openssl pkcs12 -in aspnetapp.pfx -clcerts -nokeys -out aspnetapp.crt
5. Copy the .crt file to the certificates location [3]
sudo cp aspnetapp.crt /usr/local/share/ca-certificates/
6. Change the permissions to allow to read the certificate [4]
sudo chmod +r /usr/local/share/ca-certificates/*
7. Run the application again and check the https address
dotnet run
Navigate to https://localhost:5001. If you have any error, you can check the links below to know more about each step.
References
[1] https://github.com/dotnet/dotnet-docker/blob/master/samples/aspnetapp/aspnetcore-docker-https.md[2] https://www.markbrilman.nl/2011/08/howto-convert-a-pfx-to-a-seperate-key-crt-file/
[3] https://stackoverflow.com/a/44160125
[4] https://github.com/dotnet/cli/issues/9376#issuecomment-393954876
COMMENTS