Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found

Question

I am working on a fabric application where I have configured HTTPS. It is throwing an exception though I have a valid installed certificate.

Peter Morris · Answer 1 · 2020-05-04T15:06:05.330

228

These instructions from this blog worked for me

dotnet dev-certs https --clean
dotnet dev-certs https -t
Restart VS

edited May 04 '20 at 15:06

answered May 13 '19 at 12:31

Peter Morris

16,193
8
71
124

1

if this fails (like it did in my case the check out @Stephen's answer ( https://stackoverflow.com/a/57301251/1796 ) - that worked for me. – Andrei Rînea Sep 18 '19 at 09:38
3

Restarting VS was necessary for me in addition to these steps – Andrew Bullock May 04 '20 at 11:04
1

@AndrewBullock Updated to include that step, thanks. – Peter Morris May 04 '20 at 15:06
1

Followed this but still had issues - then did what @hikarikuen suggested (https://stackoverflow.com/a/64776368/5101) - cleared the localhost personal certificates from the Windows Cert store, and then re-ran above command and everything worked. – Thiago Silva Feb 05 '21 at 05:47
Works like a charm! In windows is necessary to use the command prompt as Administrator – Murilo Maciel Curti Jan 28 '22 at 18:31
The same worked for me on Windows 11 and Rider. Got about five old certificated which were cleaned out and then with a new one it worked nicely. – ICantSeeSharp Mar 24 '22 at 08:59
A CD C:\Program Files\dotnet helped me – Luca Ziegler Mar 25 '22 at 16:19

Stephen Gilboy · Answer 2 · 2019-12-07T00:19:10.820

63

I am on OSX and dotnet dev-certs https --clean and sudo dotnet dev-certs https --clean were not working for me. Finally I was able to fix it with the following steps.

Go into Keychain Access
Unlock System Keychain
Delete the localhost certificate
Run dotnet dev-certs https -t

You should now be able to run without the error.

Edit:

If, after following the above answer, you do run into an error that reads There was an error saving the HTTPS developer certificate... check out this answer https://stackoverflow.com/a/56709117/621827

edited Dec 07 '19 at 00:19

answered Aug 01 '19 at 02:54

Stephen Gilboy

4,662
1
32
32

next time just run as sudoer, dotnet ev-certs https --clean ;) also, trust your certs, they usually only complain for a reason. – Pogrindis Aug 01 '19 at 03:02
1

@Pogrindis I did run as `sudo` and it still didn't work. I had to manually delete it from the Keychain to fix the issue. – Stephen Gilboy Aug 01 '19 at 03:22
3

You're a live saver dude. – AskYous Sep 14 '19 at 03:45
1

This solution worked for me on OS X 10.14.6 with .NET Core 2.1(.301) – Andrei Rînea Sep 18 '19 at 09:39
1

This solution worked for me too on macOS Monterey 12.1 M1 – Doniyor Niyozov Jan 19 '22 at 05:59

hikarikuen · Answer 3 · 2022-01-18T17:00:22.290

57

Solution

(for Windows, not sure if there's an equivalent issue/solution for other OSs)

In a command prompt or Powershell terminal:

Run certmgr.msc and delete all localhost certificates under both Personal\Certificates and Trusted Root Certification Authorities\Certificates.
Then run dotnet dev-certs https -t a single time to create and trust a new development certificate.
Verify by running dotnet dev-certs https --check --verbose, or just try debugging your ASP.NET app again.

You may also need to run dotnet dev-certs https --clean before creating the new certificate.

edited Jan 18 '22 at 17:00

answered Nov 10 '20 at 20:32

hikarikuen

690
8
14

3

Thanks for this. For my I needed to go and delete all of the "localhost" certs in certmgr.msc -> Personal\Certficates. I had tried all the other "things", and it didn't work until I did this. – atariman5000 Jan 28 '21 at 17:58
2

+1. There were a lot of junk localhost certificates under Personal\Certificates, even after running clean. Thank you. – hcd00045 Apr 06 '21 at 19:49
1

Cleaning the certificates under the certificate manager was also required in my case. May you please rewrite your answer to first provide the resolution steps? In its current form it is likely there are people who go away before reaching the actual solution. (I could edit your answer for doing so, but it may be too much of a change to be done by anyone but the author.) – Frédéric Jan 18 '22 at 09:25

score 21 · Answer 4 · answered Aug 03 '19 at 15:15

21

For me the problem was resolved by running:

dotnet dev-certs https --clean
dotnet dev-certs https --verbose

answered Aug 03 '19 at 15:15

Davor

241
2
7

score 12 · Answer 5 · answered Jul 22 '19 at 13:44

I had this issue on my Windows 10 system using visual studio. The problem seemed to be that the command used in the GUI to clear the local certs for HTTPS was failing with an error message that I can no longer reproduce.

The solution for me was to open the certmgr for the current windows account and to delete all of the personal localhost certs. There was ~20 certs there for me because I've tried re-creating them many times. After deleting all of those certs I ran my .Net core HTTPS API once more and everything worked!

In summary, open your certmgr for your current user and clear all personal/localhost certs.

this worked for me after the other answers didn't. Cleared two sets of localhosts under Personal and Trusted Root Certs. — WernerCD, Dec 24 '20 at 17:56

score 8 · Answer 6 · edited Sep 18 '21 at 04:49

8

For me deleting the files under file:\\%APPDATA%\Microsoft\SystemCertificates\My\Certificates and run in cmd dotnet dev-certs https -t solved my issue.

edited Sep 18 '21 at 04:49

sta

24,192
8
39
53

answered Sep 02 '21 at 01:51

Veleirian

81
1
2

Seems like certmgr.msc failed to delete these files so deleting them manually solved the problem – Anton Nov 08 '21 at 10:52
it works for me. thank you @Veleirian – aungye Dec 20 '21 at 08:47

score 6 · Answer 7 · answered Jul 11 '20 at 05:02

In windows, dotnet dev-certs https --clean doesn't work for me, I have to delete these localhost certs manually.

Open certmgr.msc
Delete all localhost certs under 'Trusted Root Certification Authorities/Certificates'
Run dotnet dev-certs https -t

score 4 · Answer 8 · edited Oct 29 '21 at 13:23

4

Open RUN , then type mmc.exe, then

double click certificate

Delete localhost cert in both folders

then open your powershell

dotnet dev-certs https --clean
dotnet dev-certs https 
dotnet dev-certs https --trust

edited Oct 29 '21 at 13:23

Suraj Rao

28,850
10
94
99

answered Oct 29 '21 at 13:08

Amith Thillenkery

51
1

score 2 · Answer 9 · answered Nov 22 '18 at 16:55

I had a similar (but not exactly the same) problem.
With 2.1 you have to configure your certificate.
I do this now completely in appsettings.json.
You can find my posting here:
Configure self hosting Kestrel App with certificate for https (internet web server)

Only have a look to the solution...

score 1 · Answer 10 · answered May 26 '21 at 19:10

If dotnet dev-certs https --clean not working.

Open Run and open mmc.exe
Inside MMC from File menu click on Add/Remove Snap-in.
In the add/remove snap-in window, find certificates in available snap-ins and add it to the selected
Pick User account
In the console root -> Certificates Current User -> Personal click on Certificates
You will see the list of issued and installed certificates for the current user. DON’T remove or change any certificates you don’t know, only remove certificates related to self-sign localhost ASP.NET Core.

score 1 · Answer 11 · answered Feb 07 '22 at 22:31

If you are visiting this page and if you are unfortunate like me who tried every single solution/approach mentioned on this page but nothing worked, then you may like to know what I did and solved my problem.

I was getting this error from my ASP.NET Core web application no matter how many times I deleted the localhost certificates.

Then, I created a self-signed certificate using Powershell with this command. [I copied this PowerShell snippet from somewhere on the internet. Cannot remember the source.]

  $cert = New-SelfSignedCertificate -DnsName mydemowebapp.net -CertStoreLocation cert:\LocalMachine\My
  $pwd = ConvertTo-SecureString -String "MyPassword" -Force -AsPlainText
  Export-PfxCertificate -Cert $cert -FilePath C:\temp\cert.pfx -Password $pwd

Then, in my appsertings.Development.json, I added this entry.

  "Kestrel": {
    "EndPoints": {
      "Https": {
        "Url": "https://localhost:5000",
        "Certificate": {
          "Path": "C:\\temp\\cert.pfx",
          "Password": "MyPassword",
          "AllowInvalid": "true"
        }
      }
    }
  }

Ran the application, boom! problem solved. I used the same URL https://localhost:5000 as I found in my LaunceSettings.

I hate a solution like this, but at least I could continue my development with such a solution. I do not know what really happened recently that I had to face this issue. Was that a windows update? or something else? I don't know. I did not face this issue before, until recently. And yes, I remembered to run the Website in Kestrel rather than IIS.

score 0 · Answer 12 · answered May 13 '19 at 12:40

0

I had the same issues and cleaning -> then installing certs helped me (another answer here). You also may issue a certificate as like for production server. Quite helpful to know.

answered May 13 '19 at 12:40

cyberpug2077

192
1
13

score 0 · Answer 13 · answered Sep 04 '19 at 10:42

Not sure if this will help anybody else but I had exactly this issue on my Mac. I have the project in Dropbox and so it is shared across machines, on the '2nd' machine I had to go in and manually delete the 'obj' and 'bin' folders, then re-run the application and it all worked

score 0 · Answer 14 · answered Jan 20 '20 at 16:38

If you want to work with an environment that is not Development, don't forget that user secrets are only added automatically when env is Development.

You can use the AddUserSecrets methods to resolve this :

public static IHostBuilder CreateHostBuilder(string[] args) =>
        Host.CreateDefaultBuilder(args)
            .ConfigureWebHostDefaults(webBuilder =>
            {
                webBuilder.ConfigureAppConfiguration((hostingContext, builder) =>
                {
                    var env = hostingContext.HostingEnvironment;
                    if (env.IsEnvironment("Local"))
                    {
                        builder.AddUserSecrets<Startup>();
                    }
                })
                .UseStartup<Startup>();
            });

see also : https://docs.microsoft.com/en-us/aspnet/core/security/app-secrets?view=aspnetcore-3.1&tabs=windows#access-a-secret

No need to create local variable, you can write check condition inline — DioBrando, Nov 25 '20 at 18:47

score 0 · Answer 15 · answered Apr 20 '20 at 12:16

0

I was having the same issue. The problem was that the project was with .net 4.6.1 and not .net core .

answered Apr 20 '20 at 12:16

Fernando Moreira

785
4
16

score 0 · Answer 16 · answered Aug 18 '20 at 20:25

0

I run this on my command prompt. btw I am using Window 10 dotnet dev-certs https dotnet dev-certs https -t

answered Aug 18 '20 at 20:25

hr person

1

Please careful after using these command make sure you restart visual studio – hr person Aug 18 '20 at 20:26

score 0 · Answer 17 · answered Dec 15 '20 at 04:55

0

dotnet tool uninstall --global dotnet-dev-certs --version (required version)
dotnet tool install --global dotnet-dev-certs
dotnet dev-certs https --trust

For more details visit the GitHub issue page here also the official documentation Here

answered Dec 15 '20 at 04:55

Jawahar05

314
8
17

score 0 · Answer 18 · edited Apr 28 '21 at 17:44

0

I ran into this problem and my solution was to restart. When I did and then reopened Visual Studio 2019, it asked me to accept a new SSL certificate. After that, I was able to run my program.

edited Apr 28 '21 at 17:44

Dharman

26,923
21
73
125

answered Apr 28 '21 at 17:39

dmrobotix

65
1
9

score 0 · Answer 19 · answered May 08 '21 at 00:21

One more detail - If you generally log in as a normal (non-admin) user, do NOT run the "dotnet dev-certs https" commands from an admin command prompt if you have a separate admin-level identity. Run them in a normal command prompt under your normal login. Ask me how I know. :-P

If you run these commands from an elevated command prompt (using a distinctly separate admin identity) you will experience the following:

"dotnet dev-certs https --trust" will work just fine
"dotnet dev-certs https --check --verbose" will tell you that everything is fine
VS Code will continue to spit out the "Unable to configure HTTPS endpoint ..." error when you try to start the debugger
You will continue to get "Certificate Not Trusted" warnings from your browser.

If you see these issues, run the "dotnet dev-certs https" commands from a normal command prompt. Fixed it for me. Hope this helps someone without spending the time that I did on this!

score 0 · Answer 20 · answered Mar 14 '22 at 16:16

0

Generate a new certificate:

$ dotnet dev-certs https --trust
The HTTPS developer certificate was generated successfully.

answered Mar 14 '22 at 16:16

Jhonny Ramirez Zeballos

1,153
9
12

score -2 · Answer 21 · answered Mar 22 '21 at 11:30

-2

I commented following line in 'Startup.cs' file, and it worked for me.

app.UseHttpsRedirection();

answered Mar 22 '21 at 11:30

siddharth borania

7
1

1

Comments are not fixes – JCKödel Apr 05 '21 at 21:33
commenting out this could help to get unblocked, in my project this was not the issue, manually had to update properties/launchSettings.json, remove from there the https url "applicationUrl": "http://localhost:5094", I know this is not the fix but while developing It is valid to use http only – Oswaldo Zapata May 07 '21 at 04:39

Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found

21 Answers21

Solution

Linked