I am unable to get IIS Express to accept secure connections for a VS2010 MVC3 project that I'm developing. I can get it to accept unsecure connections on port 80, but not secure on port 443.
I've taken the following steps, based on googling:
1) Located the SHA1 thumbprint for my IIS Express Server self-signed certificate via executing the following on a VS2010 commandline:
certmgr.exe /c /s /r localMachine MY
The result was 9B088F80 A4FC3141 28F62890 70BA1FC4 49FDD009. I learned later that I need to delete the spaces when using the thumbprint.
2) Deleted whatever certificate was linked to port 443 by executing the following on an elevated commandline prompt:
netsh http delete sslcert ipport=0.0.0.0:443
3) Generated a new GUID by running Create GUID off the VS2010 Tools menu. In my case I got B0421A5B-FF61-47CE-892D-11AA3A9C7D2A.
4) Installed the self-signed certificate to port 443 by executing the following on an elevated commandline prompt:
netsh http add sslcert ipport=0.0.0.0:443 certhash=9B088F80A4FC314128F6289070BA1FC449FDD009 appid={B0421A5B-FF61-47CE-892D-11AA3A9C7D2A}
5) Modified the ACL by running the following from an elevated commandline prompt:
netsh http add urlacl url=https://localhost:443/ user=everyone
6) Modified the application.config file for IIS Express by adding a binding for port 443 and the https protocol. The sites section for the file ended up looking like this:
<sites>
<site name="Development Web Site" id="1" serverAutoStart="true">
<application path="/">
<virtualDirectory path="/" physicalPath="%IIS_BIN%\AppServer\empty_wwwroot" />
</application>
<bindings>
<binding protocol="https" bindingInformation="*:443:localhost" />
<binding protocol="http" bindingInformation="*:80:localhost" />
</bindings>
</site>
<siteDefaults>
<logFile logFormat="W3C" directory="%IIS_USER_HOME%\Logs" />
<traceFailedRequestsLogging directory="%IIS_USER_HOME%\TraceLogFiles" enabled="true" maxLogFileSizeKB="1024" />
</siteDefaults>
<applicationDefaults applicationPool="IISExpressAppPool" />
<virtualDirectoryDefaults allowSubDirConfig="true" />
</sites>
7) Restarted the http service by executing the following at an elevated commandline prompt:
net stop http
net start http
8) Changed the Project URL on the Web tab of my MVC project's Property page to the following:
http://localhost/
Saving the project property page triggered a reconfiguration of the server after I made this change.
When I launch the MVC app from within VS2010 it correctly ties back to http://localhost (on port 80, the default; I haven't included all the steps for getting IIS Express to work with unsecure/normal connections on port 80, but they're essentially steps 5 thru 7, but focusing on http and port 80, not https and port 443).
However, trying to transition to any action that requires https gets me a "server refused connection" error.
What am I doing wrong?
After you've set a project to use IISExpress, press F4
while the project is selected on the solution explorer to bring up the properties and in the properties set SSL Enable
set true
and under SSL URL
set the URL with the port (443 in your case) you want for the SSL.
This works for me without going under the hood and the self signed certificate was automatic.
To run the project on that URL by default, you can right click on the project, select properties, then Web and replace the Project Url with https://localhost:443