Custom HTTPS Dev Environment using .NET Core, Kestrel & certificates

⏲️ *Jump-to Time Codes!* ⏲️
----------------------------------------------
*INTRODUCTION*
- 2:21 Course Overview
- 5:46 Demo
- 6:27 Tooling
*HTTPS OVERVIEW
*
- 6:49 What is HTTPS, SSL & TLS?
- 7:46 Certificate & Authorities Overview
- 9:44 What does a certificate contain?
- 10:30 Public & Private Key Overview
- 11:48 HTTPS How it Works (Interaction Diagram)
*LOCALHOST SET UP
*
- 14:37 Scaffold Up our API
- 19:25 Generating a Local Dev Certificate
- 22:37 The need for a custom domain
*CUSTOM DOMAIN PART 1
*
- 23:56 Update HOSTS File
- 27:02 Host name resolution order
- 28:15 Create our Self-Signed Certificate
- 35:00 Import Certificate into Trusted Root
*CUSTOM DOMAIN PART 2
*
- 36:58 - User Secrets Overview
- 38:30 - Configure User Secrets
- 42:14 - Update appsettings.Development.json
- 44:07 - Create HostConfig static Class
- 46:00 - Update Program Class - Read in Config
- 49:55 - Load Certificate into Kestrel
- 55:13 - Listen on Specific IP Address
*FINAL THOUGHTS & ACKNOWLEDGEMENTS
*
- 57:57 - Wrap Up
- 58:39 - Credits

You are the only one who explain all the details clearly, I appreciate that. Thanks a lot.

Amazing video. Unbelievable such a kind effort to help others also to learn what you learned. Your sequence of teaching is so good. Thank you very much for this video

Greetings from the Scottish Borders. Why has it taken so long for TH-cam algo to suggest your videos to my feed?? These are without doubt the best tutorials on TH-cam and I watched loads. Love the way you don’t copy/paste code or waffle while typing. Keep them coming

Fantastic session with lots of learning , at the same time very interesting to watch. Thank you for putting so much effort in creating and sharing this with developer community. I would love to see more videos taking step further to see how can we deploy this into cloud , ex running as a container. Thanks again !!

There is a Auto completion in Powershell. If you start typing "convertto-s" and press TAB you'll get "ConvertTo-SecureString".
It works with parameters and directories\files as well.

Brilliant - now I understand certificates with some degree of confidence

Suddenly getting the urge for a dram while listening to you Les 😅 Great content thank you!

Thank you very much, I am just finishing my first production Api and I have been stuck on this for past 2 days :DD

Thanks for tutorial!
Btw, you can read configuration file just from .ConfigureKestrel( ), so you don't need to use custom class HostConfig for passing values.
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.ConfigureKestrel((context, kestrel) =>
{
var file = context.Configuration["CertificateFileLocation"];
var password = context.Configuration["CertPassword"];
});
})

Very nice explained. Great job.

Just in case, for intellisense use Windows Powershell ISE and use TAB key for auto-complete

Amazing video. I hope u make another tutorial video for docker

Thank you! It was treat to watch this video! Loved it ! Enjoyed it !

finally it's nice to see you again 🎉🎉

Thank you for making this. Super helpful. I always appreciate all your videos.

I have enjoyed this one than any other, Les! Many thanks ❤

Hi Les. I would like to thank you so much for providing this tutorial. It helped me a lot.

Thank you so much for this. Even the parts you said you wouldn't go deep into were plenty. I was able to secure my local dns and understand better how the whole thing hangs together.
My issue is that I am working with Nativescript and just for added measure, SignalR as well.
I've been struggling with trying to get an Android Emulator to communicate with my server while it ignores my hosts file and has it's own version of all my DNSs ...good times.
I don't see it on your channels as yet but I'm really really hoping it's an area you are planning to explore.
However, getting this ssl part has really helped to get to the next step of Jumanji Infinity

Best wishes from Scotland (Balloch).

Hey Les, very well done! Thank you. I've been scouring the Internet trying to find how to use my TLS cert in Kestrel.

You're amazing sir, getting to learn loads of useful stuff from you. Thank you. Keep up the good work.

your tutorials are great man , great, thank you a million

Very nice video! Saved my day.. Just a question will this work with CA signed certificate on production?

8:36... "hopefully" we trust ourselves. very deep..

Thanks so much dude! You're video is helping me a lot.
Question, if I don't want to create a domain name but only use the ip address of my machine, will I only need to generate the certificate but using the ip address instead of the domain name?

Thanks a lot for such great help :)

Thank you very much for this video sir,I really enjoy watching video on this channel.God bless you.

Would be great to see that updated for .NET 6

Hi Les , Great video . I really enjoyed it.

Fantastic! Thanks a lot!

Thank you very much, you saved my weekend.

Hey Les, thanks for the amazing content that you put out! It really helps us! I would like to ask you if you could do a video on microservices and microservices internal communication. How would one do it and if can we use kubernetes to scale the microservices. Thanks!

Fantastic video, thanks a lot. One question, are you going to do a video for a production enviroment?

Thanks so much... Very high quality content !!!

I like your content , thanks m8 !

Thank you for another great video! I followed along with my API and works great within my dev machine. One question though in my dev environment, I need to call this API from another dev machine (2nd machine) in the same network. I'm trying to reach the API using IP address since I don't have the host file set up on the 2nd machine. I'm getting certificate issue. These 2 machines can ping each other.

You've helped a lot!
Thanks!

Thanks a lot for this wonderful content.

Thank you for great explanation

❤ PowerShell here

Thanks man! Really helpful.

Jackson, do you have any videos showing api with digital authentication? I need to prepare my api to receive notification from a webhook, which uses mtls for communication.

Thanks Les. I'm struggling with getting my react app and jquery to talk to my local webapi so I'm hoping this does the trick.

DHCP is Dynamic Host _Configuration_ Protocol. Great video though

Hi Les , This was a great video . Totally loved it
Would you be making video on EshopOnContainers microservices ?

Hi Les, Thank you for your very well structured video, it's great.
One question: Any reason why not reading the certificate from the Certificate Store instead of reading from file?
This way you don't have even to worry with passwords.
Regards.

Great tutorial. I'm doing this in .NET 6 and using minimal api approach. I have a question about using options.ListenAnyIP vs. the Dns host approach: If use ListenAnyIP, when I run the app, it opens to the url I have in the config, (and the url matches the cert url), But, if I use the resolved DNS ip, when I run the app, it doesn't open the url, and if I go to the url, it can't validate the certificates. So what options can I use to have it go to the url, rather than try to use the ip address?

Thankyou!

Hi Les, nice video, this has always been a mystery to me. One issue I have noticed is that although Edge works as shown, Chrome still says the certificate is Invalid. Not sure why, any ideas? It does come good after setting up the certificate etc.
Bad luck about Melbourne being back in lockdown, I'm in Forest Hill and was excited about starting to get out again :-(

Did you find a good Open SSL article?

Thank you very much for sharing videos

could you make a video for certs in ubuntu or linux base os ?, i have spend three days and still have not got it to work.. dev certs for linux is a pain in the ass .

Thanks boss for your contents.

On my work machine it... works.
On Linux too.
On my personal machine it... gets personal and throws 'System.Security.Cryptography.CryptographicException' occurred in System.Security.Cryptography.dll: 'Access denied.'
Any idea what makes it break ?

Hola desde chile.. Si no quisiera levantarlo con Kestrel sino por iis express como sería?

Thank you so much

Hello, I've a doubt. How do change the url length in kestrel so that I can pass strings of larger length?

Hi Les. I wonder why don't we remove the http entry from application url and just use https only ?

Thanks, It's works well with Edge browser, but in my case, it does not work with Firefox or Safari (which ask to add an exception).
Custom Certificate is it the good way to use API https connection a LAN Production project ?

Thank you!

is this a big difference when we configure our SSL only in application code / or only in server configuration?

@Les Jackson
#Les Jackson
Hi, I was wondering if there is a way to utilize Typescript with dotnet core 3.1 and web api? I would really love to see the use of Typescript in the backend on dotnet core.

Super Like

nice

`dotnet dev-certs https --trust` doesn't work for me. It creates the certificate but doesn't Trust it. It only appears under Personal Certificates :/

Hey Les, I would I get this to work when deployed in Azure?

what i fin dissapointing is a channel like that where we find a real treasure have little subscribers meanwhile gaming channels have millions.

PLEASE HELP MEE!!!
Amazing video but if I add that "var host = Dns.GetHostEntry("");" line in program.cs my code jumps to that line instead of entering into ".ConfigureServices((context, services) =>"... any idea why??? I'm trying to get the string with the domain from config so I'm using it like this: prnt.sc/vwnlaq
thanks!

Any one knows how to CA Signed Certificate to a custom domain using Kestrel

Does it work on .net 5 ? I get an error NET::ERR_CERT_COMMON_NAME_INVALID