Difference between revisions of "Creating .NET Core Certificates"
From Logic Wiki
(Created page with "Category:Envoy Category:Dotnet Category:Microservices Category:Security Category:SSL == Generating a certificate == Generating a certificate and export it...") |
|||
| (2 intermediate revisions by the same user not shown) | |||
| Line 4: | Line 4: | ||
[[Category:Security]] | [[Category:Security]] | ||
[[Category:SSL]] | [[Category:SSL]] | ||
| + | == Cleaning Certificate == | ||
| + | dotnet dev-certs https --clean | ||
== Generating a certificate == | == Generating a certificate == | ||
| + | Check my slide show and github for this. | ||
| + | * [https://github.com/Aliiybar/DotnetMigrations https://github.com/Aliiybar/DotnetMigrations] | ||
| + | * [https://docs.google.com/presentation/d/1Ril4hs9yEsrbumaSE7xLp61S-YnFFQMAdoZkvvy1uOo/edit?usp=sharing https://docs.google.com/presentation/d/1Ril4hs9yEsrbumaSE7xLp61S-YnFFQMAdoZkvvy1uOo/edit?usp=sharing] | ||
| + | |||
Generating a certificate and export it to USERPROFILE path (-ep : export path) SignAPI.pfx should case sensitive and must match the dll name | Generating a certificate and export it to USERPROFILE path (-ep : export path) SignAPI.pfx should case sensitive and must match the dll name | ||
dotnet dev-certs https -ep $env:USERPROFILE\.aspnet\https\SignAPI.pfx -p pa55w0rd! | dotnet dev-certs https -ep $env:USERPROFILE\.aspnet\https\SignAPI.pfx -p pa55w0rd! | ||
you should see this | you should see this | ||
A valid HTTPS certificate is already present. | A valid HTTPS certificate is already present. | ||
| + | so ... | ||
dotnet dev-certs https --trust | dotnet dev-certs https --trust | ||
if it's already there this must be seen | if it's already there this must be seen | ||
Latest revision as of 14:16, 3 November 2021
Cleaning Certificate
dotnet dev-certs https --clean
Generating a certificate
Check my slide show and github for this.
- https://github.com/Aliiybar/DotnetMigrations
- https://docs.google.com/presentation/d/1Ril4hs9yEsrbumaSE7xLp61S-YnFFQMAdoZkvvy1uOo/edit?usp=sharing
Generating a certificate and export it to USERPROFILE path (-ep : export path) SignAPI.pfx should case sensitive and must match the dll name
dotnet dev-certs https -ep $env:USERPROFILE\.aspnet\https\SignAPI.pfx -p pa55w0rd!
you should see this
A valid HTTPS certificate is already present.
so ...
dotnet dev-certs https --trust
if it's already there this must be seen
Trusting the HTTPS development certificate was requested. A confirmation prompt will be displayed if the certificate was not previously trusted. Click yes on the prompt to trust the certificate. A valid HTTPS certificate is already present.
User Secrets
in .csproj file after <TargetFramework> tag add this with a newly generated GUID
<UserSecretId>Sign-API-[GUID]</UserSecretId>
Setting Secret
in the project folder where .csproj file is :
dotnet user-secrets set "Kestrel:Certificates:Development:Password" "pa55w0rd!"
it should say
Successfully saved Kestrel:Certificates:Development:Password = pa55w0rd! to the secret store.
and the secret is saved in C:\Users\<ProfileFolder>\AppData\Roaming\Microsoft\UserSecrets\Sign-API-[GUID]
