Error "your connection is not private" when Setting up IIS to use https


Hi, I was running https on localhost IIS for the first time, I was  usign http under my localhost and after reading this article:

https://deanhume.com/set-up-iis-7-to-run-a-secure-site-locally-https/ 

I tried to run https on my IIS and localhost.

But I'm facing this error : your connection is not private.

how can resolve that? Thanks.

 


Asked by:- LuneAgile
0
: 8936 At:- 7/30/2018 12:25:04 AM
ASP.NET http https







3 Answers
profileImage Answered by:- vikas_jk

From the error which you have mentioned "your connection is not private.", it looks you have not properly enabled https in your Visual studio and IIS

For running https on IIS, follow these steps taken from "https://support.microsoft.com/en-in/help/324069/how-to-set-up-an-https-service-in-iis"

Configuring Your Web Server for SSL

To enable SSL in IIS, you must first obtain a certificate that is used to encrypt and decrypt the information that is transferred over the network. IIS includes its own certificate request tool that you can use to send a certificate request to a certification authority. This tool simplifies the process of obtaining a certificate. If you use Apache, you must obtain the certificate manually.

In both IIS and Apache, you receive a certificate file from the certification authority, which you must configure on the computer. Apache reads the certificate from its source file by using the SSLCACertificateFile directive. However, in IIS, you can configure and manage certificates by using the Directory Security tab of the Web site or folder properties.

You can migrate certificates from Apache to IIS; however, Microsoft recommends that you re-create or obtain a new certificate for IIS.

Configure Folder or Web Site to Use SSL/HTTPS

This procedure assumes that your site has already has a certificate assigned to it.

  1. Log on to the Web server computer as an administrator.
  2. Click Start, point to Settings, and then click Control Panel.
  3. Double-click Administrative Tools, and then double click Internet Services Manager.
  4. Select the Web site from the list of different served sites in the left pane.
  5. Right-click the Web site, folder, or file for which you want to configure SSL communication, and then click Properties.
  6. Click the Directory Security tab.
  7. Click Edit.
  8. Click Require secure-channel (SSL) if you want the Web site, folder, or file to require SSL communications.
  9. Click Require 128-bit encryption to configure 128-bit (instead of 40-bit) encryption support.
  10. To allow users to connect without supplying their own certificate, click Ignore client certificates.

    Alternatively, to allow a user to supply their own certificate, use Accept client certificates.
  11. To configure client mapping, click Enable client certificate mapping, and then click Edit to map client certificates to users.

    If you configure this functionality, you can map client certificates to individual users in Active Directory. You can use this functionality to automatically identify a user according to the certificate they supplied when they access the Web site. You can map users to certificates on a one-to-one basis (one certificate identifies one user) or you can map many certificates to one user (a list of certificates is matched against a specific user according to specific rules. The first valid match becomes the mapping).
  12. Click OK.

Note: You need to create SSL certificate if you don't have one.

From the answer's of stackoverflow

start --> (IIS) Manager --> Select Server --> Server Certificates:

If you already have an SSL Certificate, you can export your Certificate and jump to step 2.
If you do not have a certificate, you will need to create one in step 1.

1.) Run the following 4 commands from an elevated Command Prompt:

cd C:\Program Files (x86)\Windows Kits\8.1\bin\x64
makecert -r -n "CN=localhost" -b 01/01/2000 -e 01/01/2099 -eku 1.3.6.1.5.5.7.3.3 -sv localhost.pvk localhost.cer
cert2spc localhost.cer localhost.spc
pvk2pfx -pvk localhost.pvk -spc localhost.spc -pfx localhost.pfx

copy files from:

C:\Program Files (x86)\Windows Kits\8.1\bin\x64\localhost.cer 
C:\Program Files (x86)\Windows Kits\8.1\bin\x64\localhost.pfx
C:\Program Files (x86)\Windows Kits\8.1\bin\x64\localhost.pvk
C:\Program Files (x86)\Windows Kits\8.1\bin\x64\localhost.spc

to a folder of your choice

2.) start --> run --> mmc.exe certmgr.msc Trusted Root Certification Authorities --> Right-Click Certificates --> All Tasks --> Import Navigate to your Certificate and import it

3.) start --> (IIS) Manager --> Select Server --> Select Website --> Bindings Add a binding for https and point it to your certificate.

Test by opening Internet Explorer and navigating to your localhost site with https in IE.

Another useful link : https://www.codeproject.com/Tips/722979/Setting-up-IIS-with-HTTPS-Binding

If you are looking to enable https in Visual Studio, check my answer on this question "https://qawithexperts.com/questions/328/how-to-enable-ssl-in-locahost-using-visual-studio-2017"

I think you have missed a step creating SSL certificate and importing it while using IIS

0
At:- 7/30/2018 2:34:04 PM Updated at:- 7/30/2018 2:38:00 PM


profileImage Answered by:- LuneAgile

 

Hi Vikas Thanks for your answar  I want enabled SSL in localhost for  microsoft visual  web developer express 2010  & ASP.NET MVC project,  I was follow  these steps

  1. Select your Project by highlighting it.
  2. Then clikc "F4" and open properties pane.
  3. In project properties make "SSL Enabled"=> True

But I don't found  SSL  Anabled  I don't know why  there is just  those fields. Please take a look at picture below thanks.

0
At:- 7/30/2018 3:50:12 PM Updated at:- 7/30/2018 3:51:35 PM
Upgrade your Visual Studio or check this link http://www.hanselman.com/blog/WorkingWithSSLAtDevelopmentTimeIsEasierWithIISExpress.aspx 0
By : manish - at :- 7/31/2018 3:19:12 PM


profileImage Answered by:- bhanu

If you are getting this error on chrome and not related to Visual Studio, you can bypass Certificate error by navigating to chrome://flags and search for this entry:

Allow invalid certificates for resources loaded from localhost

and then enable the above option, once you have done it, restart Chrome browser.

Chrome will bypass SSL Error alert.

0
At:- 5/25/2021 2:26:24 PM






Login/Register to answer
Or
Register directly by posting answer/details

Full Name *

Email *




By posting your answer you agree on privacy policy & terms of use