Custom HTTPS Dev Environment using .NET Core, Kestrel & certificates

Custom HTTPS Dev Environment using .NET Core, Kestrel & certificates



In this step by step tutorial I take you through how to set up a “custom” domain using: .NET Core, Kestrel webserver, self-signed certificates and more.

Level: Beginner / Intermediate
📕 My Book:
🤗 Patreon Site (Exclusive Member Benefits!):
💻 Blog Article:
💻 Code on GitHub:
🔒 HTTPS Article:
🔑 Public & Private Keys:

⏲️ Time Codes ⏲️
——————————-
*INTRODUCTION*
– 2:21 Course Overview
– 5:46 Demo
– 6:27 Tooling

*HTTPS OVERVIEW*
– 6:49 What is HTTPS, SSL & TLS?
– 7:46 Certificate & Authorities Overview
– 9:44 What does a certificate contain?
– 10:30 Public & Private Key Overview
– 11:48 HTTPS How it Works (Interaction Diagram)

*LOCALHOST SET UP*
– 14:37 Scaffold Up our API
– 19:25 Generating a Local Dev Certificate
– 22:37 The need for a custom domain

*CUSTOM DOMAIN PART 1*
– 23:56 Update HOSTS File
– 27:02 Host name resolution order
– 28:15 Create our Self-Signed Certificate
– 35:00 Import Certificate into Trusted Root

*CUSTOM DOMAIN PART 2*
– 36:58 – User Secrets Overview
– 38:30 – Configure User Secrets
– 42:14 – Update appsettings.Development.json
– 44:07 – Create HostConfig static Class
– 46:00 – Update Program Class – Read in Config
– 49:55 – Load Certificate into Kestrel
– 55:13 – Listen on Specific IP Address

*FINAL THOUGHTS & ACKNOWLEDGEMENTS*
– 57:57 – Wrap Up
– 58:39 – Credits

28 thoughts on “Custom HTTPS Dev Environment using .NET Core, Kestrel & certificates

  1. ⏲️ Jump-to Time Codes! ⏲️
    ———————————————-
    INTRODUCTION

    – 2:21 Course Overview

    – 5:46 Demo

    – 6:27 Tooling

    *HTTPS OVERVIEW
    *
    – 6:49 What is HTTPS, SSL & TLS?

    – 7:46 Certificate & Authorities Overview

    – 9:44 What does a certificate contain?

    – 10:30 Public & Private Key Overview

    – 11:48 HTTPS How it Works (Interaction Diagram)

    *LOCALHOST SET UP
    *
    – 14:37 Scaffold Up our API

    – 19:25 Generating a Local Dev Certificate

    – 22:37 The need for a custom domain

    *CUSTOM DOMAIN PART 1
    *
    – 23:56 Update HOSTS File

    – 27:02 Host name resolution order

    – 28:15 Create our Self-Signed Certificate

    – 35:00 Import Certificate into Trusted Root

    *CUSTOM DOMAIN PART 2
    *
    – 36:58 – User Secrets Overview

    – 38:30 – Configure User Secrets

    – 42:14 – Update appsettings.Development.json

    – 44:07 – Create HostConfig static Class

    – 46:00 – Update Program Class – Read in Config

    – 49:55 – Load Certificate into Kestrel

    – 55:13 – Listen on Specific IP Address

    *FINAL THOUGHTS & ACKNOWLEDGEMENTS
    *
    – 57:57 – Wrap Up

    – 58:39 – Credits

  2. Thank you for another great video! I followed along with my API and works great within my dev machine. One question though in my dev environment, I need to call this API from another dev machine (2nd machine) in the same network. I'm trying to reach the API using IP address since I don't have the host file set up on the 2nd machine. I'm getting certificate issue. These 2 machines can ping each other.

  3. Thanks, It's works well with Edge browser, but in my case, it does not work with Firefox or Safari (which ask to add an exception).
    Custom Certificate is it the good way to use API https connection a LAN Production project ?

  4. Man I am having following error while trying to access other microservice from ocelot apy gateway:

    ption: The SSL connection could not be established, see inner exception.

    gatewayapi | —> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch, RemoteCertificateChainErrors

    gatewayapi | at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception)

    gatewayapi | at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)

    gatewayapi | at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Boolean async, Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)

    gatewayapi | — End of inner exception stack trace —

    gatewayapi | at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Boolean async, Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)

    gatewayapi | at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)

    gatewayapi | at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)

    gatewayapi | at System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)

    gatewayapi | at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)

    gatewayapi | at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)

    gatewayapi | at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)

  5. PLEASE HELP MEE!!!
    Amazing video but if I add that "var host = Dns.GetHostEntry("");" line in program.cs my code jumps to that line instead of entering into ".ConfigureServices((context, services) =>"… any idea why??? I'm trying to get the string with the domain from config so I'm using it like this: https://prnt.sc/vwnlaq
    thanks!

  6. Hi Les, Thank you for your very well structured video, it's great.
    One question: Any reason why not reading the certificate from the Certificate Store instead of reading from file?
    This way you don't have even to worry with passwords.
    Regards.

  7. Thanks for tutorial!

    Btw, you can read configuration file just from .ConfigureKestrel( ), so you don't need to use custom class HostConfig for passing values.
    .ConfigureWebHostDefaults(webBuilder =>

    {

    webBuilder.ConfigureKestrel((context, kestrel) =>

    {

    var file = context.Configuration["CertificateFileLocation"];

    var password = context.Configuration["CertPassword"];

    });

    })

  8. @Les Jackson
    #Les Jackson

    Hi, I was wondering if there is a way to utilize Typescript with dotnet core 3.1 and web api? I would really love to see the use of Typescript in the backend on dotnet core.

  9. Thank you so much for this. Even the parts you said you wouldn't go deep into were plenty. I was able to secure my local dns and understand better how the whole thing hangs together.
    My issue is that I am working with Nativescript and just for added measure, SignalR as well.
    I've been struggling with trying to get an Android Emulator to communicate with my server while it ignores my hosts file and has it's own version of all my DNSs …good times.
    I don't see it on your channels as yet but I'm really really hoping it's an area you are planning to explore.
    However, getting this ssl part has really helped to get to the next step of Jumanji Infinity

  10. what i fin dissapointing is a channel like that where we find a real treasure have little subscribers meanwhile gaming channels have millions.

  11. Thanks Les. I'm struggling with getting my react app and jquery to talk to my local webapi so I'm hoping this does the trick.

  12. Hey Les, very well done! Thank you. I've been scouring the Internet trying to find how to use my TLS cert in Kestrel.

  13. Greetings from the Scottish Borders. Why has it taken so long for YouTube algo to suggest your videos to my feed?? These are without doubt the best tutorials on YouTube and I watched loads. Love the way you don’t copy/paste code or waffle while typing. Keep them coming

Leave a Reply

Your email address will not be published. Required fields are marked *