18

I am following an online tutorial to create an ASP.NET Core Web application. I followed everything but had trouble with trusting the local HTTPS certificate.

When I first run the application, I got an error saying:

the access control list (acl) structure is invalid

I tried googling this error but couldn't find anything related to my ASP.NET application, after cleaning the solution I didn't get this error any longer.

But I was unable to run my application in browser using HTTPS as it always says: "This site is not secure"

I tried to trust certificate using CMD using this command:

dotnet dev-certs https --trust

It should show me a prompt to trust the certificate but it says

there was an error trusting the HTTPS developer certificate

and the application runs in an unsafe mode on the browser.

Can someone please help me run my application with HTTPS on my local environment? Any help will be greatly appreciated. Thanks

Improve this question
2
  • just wondering, are you an administrator user? Commented Jun 1, 2019 at 18:59
  • @ZeeshanAdil yes, I am an administrator Commented Jun 1, 2019 at 19:01

6 Answers 6

Reset to default
22

This seems to be a bug in ASP.NET Core 2.1:

what you need to do is go move your added certificates from your certificate manager.

go to start menu > Type "Win + R" type "certlm.msc", this will open your certificate manager.

go to Personal/Certificates

you will find a certificate named "localhost there.

Move that to "Trusted Root Certification Authorities/Certificates"

run the project again, and it should work.

Hope this helps.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Here's for mac users: support.apple.com/guide/keychain-access/…
You need to do it "as administrator" and restart windows afterwards.
20

I had this issue in .net 6, solve it with help of this comment.

dotnet dev-certs https --clean
dotnet dev-certs https --trust
Improve this answer

1 Comment

As somebody else suggested, if this still doesn't work on edge, make sure to restart the browser
18

If the other answers don't work, trying completely closing all Edge windows.

What can happen is that Edge doesn't recognize the new certificate until you restart it.

Improve this answer

3 Comments

Underrated solution, this needs to be done after making any of the other fixes.
Exactly this! After running "dotnet dev-certs https --clean" then "dotnet dev-certs https --trust" I had to close ALL Edge window before it would recognize the certificate.
This did it for me. I tried reinstalling, recleaning, retrusting, etc. no One mentioned that. Thank you so much
3

I had the same problem in .NET 5. Running the command gave me the same error. After a few iterations I figured it out finally...

I was trying to create certificates manually through certlm.msc (local computer) but apparently the certificate should be created in certmgr.msc (current user). This is the place where the certificate gets saved when you run the command dotnet dev-certs https --trust.

  1. Windows + R and type certlm.msc
  2. Go to Personal -> Certificates and export the localhost certificate with the same key (asks for password)
  3. Go to Trusted Root Certification Authorities -> Certificates and right-click to click on Import
  4. Browse and select the exported certificate
  5. Place all certificates in the following store is selected and click on Browse again
  6. Mark the checkbox: Show physical stores
  7. Click on Trusted Root Certification Authorities and press on Local Computer
  8. Finish everything
Improve this answer

Comments

1

I have tried all the suggestions but eventually, The below solution worked for me.

  1. Uninstall IIS Express via Add Remove Program
  2. Run command: dotnet dev-certs https --clean
  3. Re-install IIS Express by downloading it from the Microsoft website
  4. Run the Asp.Net application from Visual Studio
  5. Visual studio will prompt for generating a certificate, click yes. In my case, it generated the certificate but failed to add the certificate to the trusted root with an error 'Access Denied'
  6. Windows + R and type mmc
  7. File > Add Snap-In
  8. Select Certificates and click add
  9. Select the 'Computer account' option and click finish, then click Ok.
  10. Then expand the certificates(Local Computer) > Personal > Certificates
  11. You will find a local host certificate with the friendly name 'ISS Express Development Certificate'
  12. Select the certificate then cut and paste it into Trusted Root Certification Authorities -> Certificates
Improve this answer

Comments

0

This is how I got it working again after trying everything here:

  1. Update Visual Studio. I currently use Microsoft Visual Studio Enterprise 2022 (64-bit) - Version 17.14.0
  2. Uninstall IIS Express via Add or remove programs in Windows
  3. Clean all localhost certificates from both certlm.msc and certmgr.msc under Personal and Trusted Root Certification Authorities
  4. Start PowerShell as administrator
  5. Run: dotnet dev-certs https --clean
  6. Clear everything under C:\Users\<User>\AppData\Roaming\ASP.NET\Https
  7. Run dotnet dev-certs https --trust

Now I finally got a trusted certificate again and could run my ASP.NET Core app without a warning.

Source: https://stackoverflow.com/a/75311701/3850405

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.