Custom HTTPS Dev Environment using .NET Core, Kestrel & certificates

⏲️ *Jump-to Time Codes!* ⏲️
----------------------------------------------
*INTRODUCTION*
- 2:21 Course Overview
- 5:46 Demo
- 6:27 Tooling
*HTTPS OVERVIEW
*
- 6:49 What is HTTPS, SSL & TLS?
- 7:46 Certificate & Authorities Overview
- 9:44 What does a certificate contain?
- 10:30 Public & Private Key Overview
- 11:48 HTTPS How it Works (Interaction Diagram)
*LOCALHOST SET UP
*
- 14:37 Scaffold Up our API
- 19:25 Generating a Local Dev Certificate
- 22:37 The need for a custom domain
*CUSTOM DOMAIN PART 1
*
- 23:56 Update HOSTS File
- 27:02 Host name resolution order
- 28:15 Create our Self-Signed Certificate
- 35:00 Import Certificate into Trusted Root
*CUSTOM DOMAIN PART 2
*
- 36:58 - User Secrets Overview
- 38:30 - Configure User Secrets
- 42:14 - Update appsettings.Development.json
- 44:07 - Create HostConfig static Class
- 46:00 - Update Program Class - Read in Config
- 49:55 - Load Certificate into Kestrel
- 55:13 - Listen on Specific IP Address
*FINAL THOUGHTS & ACKNOWLEDGEMENTS
*
- 57:57 - Wrap Up
- 58:39 - Credits

You are the only one who explain all the details clearly, I appreciate that. Thanks a lot.

Amazing video. Unbelievable such a kind effort to help others also to learn what you learned. Your sequence of teaching is so good. Thank you very much for this video

Thank you for making this. Super helpful. I always appreciate all your videos.

Greetings from the Scottish Borders. Why has it taken so long for RUclips algo to suggest your videos to my feed?? These are without doubt the best tutorials on RUclips and I watched loads. Love the way you don’t copy/paste code or waffle while typing. Keep them coming

You're amazing sir, getting to learn loads of useful stuff from you. Thank you. Keep up the good work.

Thank you! It was treat to watch this video! Loved it ! Enjoyed it !

Hi Les. I would like to thank you so much for providing this tutorial. It helped me a lot.

Brilliant - now I understand certificates with some degree of confidence

your tutorials are great man , great, thank you a million

I have enjoyed this one than any other, Les! Many thanks ❤

Thank you very much, I am just finishing my first production Api and I have been stuck on this for past 2 days :DD

Hey Les, very well done! Thank you. I've been scouring the Internet trying to find how to use my TLS cert in Kestrel.

Thank you very much, you saved my weekend.

Thanks so much... Very high quality content !!!

Thanks man! Really helpful.

Fantastic session with lots of learning , at the same time very interesting to watch. Thank you for putting so much effort in creating and sharing this with developer community. I would love to see more videos taking step further to see how can we deploy this into cloud , ex running as a container. Thanks again !!

You've helped a lot!
Thanks!

Fantastic! Thanks a lot!

Suddenly getting the urge for a dram while listening to you Les 😅 Great content thank you!

Thanks a lot for such great help :)

Thank you for great explanation

finally it's nice to see you again 🎉🎉

Thanks a lot for this wonderful content.

I like your content , thanks m8 !

Thank you so much for this. Even the parts you said you wouldn't go deep into were plenty. I was able to secure my local dns and understand better how the whole thing hangs together.
My issue is that I am working with Nativescript and just for added measure, SignalR as well.
I've been struggling with trying to get an Android Emulator to communicate with my server while it ignores my hosts file and has it's own version of all my DNSs ...good times.
I don't see it on your channels as yet but I'm really really hoping it's an area you are planning to explore.
However, getting this ssl part has really helped to get to the next step of Jumanji Infinity

There is a Auto completion in Powershell. If you start typing "convertto-s" and press TAB you'll get "ConvertTo-SecureString".
It works with parameters and directories\files as well.

Hi Les , Great video . I really enjoyed it.

Best wishes from Scotland (Balloch).

Thanks for tutorial!
Btw, you can read configuration file just from .ConfigureKestrel( ), so you don't need to use custom class HostConfig for passing values.
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.ConfigureKestrel((context, kestrel) =>
{
var file = context.Configuration["CertificateFileLocation"];
var password = context.Configuration["CertPassword"];
});
})

Thank you very much for sharing videos

Thanks boss for your contents.

Thankyou!

Thank you so much

Thank you!

Amazing video. I hope u make another tutorial video for docker

Thank you very much for this video sir,I really enjoy watching video on this channel.God bless you.

8:36... "hopefully" we trust ourselves. very deep..

Just in case, for intellisense use Windows Powershell ISE and use TAB key for auto-complete

Thanks so much dude! You're video is helping me a lot.
Question, if I don't want to create a domain name but only use the ip address of my machine, will I only need to generate the certificate but using the ip address instead of the domain name?

Fantastic video, thanks a lot. One question, are you going to do a video for a production enviroment?

Very nice video! Saved my day.. Just a question will this work with CA signed certificate on production?

Thank you for another great video! I followed along with my API and works great within my dev machine. One question though in my dev environment, I need to call this API from another dev machine (2nd machine) in the same network. I'm trying to reach the API using IP address since I don't have the host file set up on the 2nd machine. I'm getting certificate issue. These 2 machines can ping each other.

Hi Les, Thank you for your very well structured video, it's great.
One question: Any reason why not reading the certificate from the Certificate Store instead of reading from file?
This way you don't have even to worry with passwords.
Regards.

Hey Les, thanks for the amazing content that you put out! It really helps us! I would like to ask you if you could do a video on microservices and microservices internal communication. How would one do it and if can we use kubernetes to scale the microservices. Thanks!

Would be great to see that updated for .NET 6

Great tutorial. I'm doing this in .NET 6 and using minimal api approach. I have a question about using options.ListenAnyIP vs. the Dns host approach: If use ListenAnyIP, when I run the app, it opens to the url I have in the config, (and the url matches the cert url), But, if I use the resolved DNS ip, when I run the app, it doesn't open the url, and if I go to the url, it can't validate the certificates. So what options can I use to have it go to the url, rather than try to use the ip address?

Jackson, do you have any videos showing api with digital authentication? I need to prepare my api to receive notification from a webhook, which uses mtls for communication.

Hi Les,
Great tutorial, but I have a question, when I am launching this url from another client on the same network, I am getting the browser warning. How to get rid of that warning ? I am working on a .net core api project which I am hosting as a windows service, would appreciate if you can answer this.. 🙏🙏

Hola desde chile.. Si no quisiera levantarlo con Kestrel sino por iis express como sería?

@Les Jackson
#Les Jackson
Hi, I was wondering if there is a way to utilize Typescript with dotnet core 3.1 and web api? I would really love to see the use of Typescript in the backend on dotnet core.

Thanks, It's works well with Edge browser, but in my case, it does not work with Firefox or Safari (which ask to add an exception).
Custom Certificate is it the good way to use API https connection a LAN Production project ?

Hi Les. I wonder why don't we remove the http entry from application url and just use https only ?

nice

Thanks Les. I'm struggling with getting my react app and jquery to talk to my local webapi so I'm hoping this does the trick.

is this a big difference when we configure our SSL only in application code / or only in server configuration?

Hey Les, I would I get this to work when deployed in Azure?

❤ PowerShell here

Hello, I've a doubt. How do change the url length in kestrel so that I can pass strings of larger length?

Hi Les , This was a great video . Totally loved it
Would you be making video on EshopOnContainers microservices ?

Super Like

Did you find a good Open SSL article?

Hi Les, nice video, this has always been a mystery to me. One issue I have noticed is that although Edge works as shown, Chrome still says the certificate is Invalid. Not sure why, any ideas? It does come good after setting up the certificate etc.
Bad luck about Melbourne being back in lockdown, I'm in Forest Hill and was excited about starting to get out again :-(

could you make a video for certs in ubuntu or linux base os ?, i have spend three days and still have not got it to work.. dev certs for linux is a pain in the ass .

DHCP is Dynamic Host _Configuration_ Protocol. Great video though

On my work machine it... works.
On Linux too.
On my personal machine it... gets personal and throws 'System.Security.Cryptography.CryptographicException' occurred in System.Security.Cryptography.dll: 'Access denied.'
Any idea what makes it break ?

Any one knows how to CA Signed Certificate to a custom domain using Kestrel

`dotnet dev-certs https --trust` doesn't work for me. It creates the certificate but doesn't Trust it. It only appears under Personal Certificates :/

PLEASE HELP MEE!!!
Amazing video but if I add that "var host = Dns.GetHostEntry("");" line in program.cs my code jumps to that line instead of entering into ".ConfigureServices((context, services) =>"... any idea why??? I'm trying to get the string with the domain from config so I'm using it like this: prnt.sc/vwnlaq
thanks!

what i fin dissapointing is a channel like that where we find a real treasure have little subscribers meanwhile gaming channels have millions.

Does it work on .net 5 ? I get an error NET::ERR_CERT_COMMON_NAME_INVALID