Working on Asp.Net Web API or MVC project you must have done a lot of plain HTTP request and response. Now it’s time to move little forward and grab some ideas about SSL (secure socket layer) and implement it into our project.
Before rushing toward the implementation, let’s have some explanation.
What is SSL?
SSL (Secure Socket Layer) is the standard security protocol, which ensures the secure link between the web server and user computer (browser). Nowadays, the Internet is full of fraud and you might be their target if you are doing any online transaction.
Most of the online business having sensitive client information uses application having SSL for securing their client’s credentials and company information from the hacker. After using SSL the communication between the browser and web server happens in an encrypted format.
The details sent by the user can only be read by the specific SSL certified web server. So this secure connection cannot be established without the SSL certificate on the web server. To recognize the SSL enabled application, it starts with https:// instead of http:// and is green in color.
Enabling SSL in Asp.Net Project
For the demo, I am using Asp.Net Web API project. Select your project in solution explorer and press F4 which simply opens project properties as shown in the figure below.
The SSL Enabled properties are by default false. Now made it true which will provide you with an SSL URL as shown below.
Notice that the port no. of SSL URL(https) and URL(http) are different which means that if you are using the default http protocol the URL property will be used but if you want to issue the request using https protocol the SSL URL property will provide you the base URL.
Let’s run the project which will open up the project with default URL http://localhost:56417. So open the new tab and try to switch on SSL URL https://localhost:44350. Now the project will open using https:// protocol but there is a warning as shown below.
If you explore this error by clicking on the triangular error, you will end up with the certificate Error. Which means that the certificate issued by the visual studio is not trusted. So to make it trustworthy we need to install it in the trusted certification directory. Now proceed with the following steps for further solutions.
Open console root window entering the mmc.exe command on run (Ctrl+R) window and perform the following actions.
This will open Add or Remove Snap-ins window as below.
Now choose certificates in Available Snap-ins option and click Add.
We are going to manage certificates in our local machine so choose Computer account radio option and click next.
After finish, the console root window will display all the certificates available in our local computer. The recently issued certificate by the visual studio is also available there in the Certificates (Local Computer)>Personal>Certificates directory.
Now we have to do is to export this certificate in the Trusted Root Certification Authorities directory just below to the personal directory. For this, we have to export the certificate from the personal directory, store it on the local machine and again import the same certificate from the Trusted Root Certification Authorities directory. So let’s do it with the help of following figures.
Several windows and popups will open in this process so leave them all as default and export the certificate in any of the folders in your computer. Now we have to import the same certificate.
Now again leave every windows and popup as default and import the certificate. If you have successfully done all of the above steps let’s check your project in the browser. Now you will get the project URL starting with https:// in green color as shown below.
So far you might have got an idea about enabling https protocol in the .net project using visual studio. One thing you must be sure about the outputs is always the same if you are using http or https.