Configuring SSL certificate(HTTPS)

A website needs an SSL certificate to keep user data secure, verify ownership, prevent attackers from creating a fake version of the site, and gain user trust.

This document introduces how to get and use an SSL certificate (HTTPS) for your application.

Get an SSL Certificate from a Certificate Authority

You can get a SSL certificate from a certificate authority (CA) such as Let's Encrypt or Cloudflare and so on.

Once you have a certificate, you need to configure your web server to use it. The following references show how to configure your web server to use a certificate.

• Host ASP.NET Core on Linux with Apache: HTTPS configuration
• Host ASP.NET Core on Linux with Nginx: HTTPS configuration
• How to Set Up SSL on IIS 7 or later

Create a Self-Signed Certificate

You can create a self-signed certificate for testing purposes or internal use.

There is an article about how to create a self-signed certificate; if you are using IIS, you can use the following document to obtain a Certificate

Common Problems

The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot

This error may occur when using IIS. You need to trust your certificate by Manage computer certificates.

References

• VCP IIS Deployment
• HTTPS in ASP.NET Core
• Let's Encrypt
• Cloudflare's Free SSL / TLS