Scottha has a great blog working with SSL at development time is easier with iisexpress, but I 've got what I think is a better approach. Please weigh in.
In this blog entry I'll show you how to test SSL on your asp. net MVC & webforms applications using IIS 7. you shoshould Make Sure You Have IIS 7 set up on your Windows 7 computer before proceeding. see my blog test your asp. net MVC or webforms application on IIS 7 in 30 seconds for instructions.
Create a new ASP. net mvc 3 application called mvcssl in the C: \ webs folder. Accept all the defaults.
Warning: IIS cannot run an ASP. net project that has been created in the default Visual Studio project folder (C: \ Users \ <user> \ Documents ents \ Visual Studio 2010 \ projects ). select a folder where iis can access the files, such as c: \ webs.
Build and run the application.
Right click the solution and selectProperties.
- SelectWebIn the left pane.
- Under servers, selectUse local IIS Web ServerRadio button.
- SelectCreate virtual directoryButton.
Shocould you get the message:
Unable to create the virtual directory. To access web sites on the local IIS Web server, you must run Visual Studio under an administrator account.
Read it and follow the directions and you'll be rewarded with a friendlier message.
Now go back to IIS manager, refresh and drill down in the default web site. SelectBrowse *: 80 (HTTP)In the right pane.
Adding a ssl cert The super ninja way.
- Download and unzip Thomas demels awesome selfssl7 tool. Read about selfssl7 here.
- Open a administrative command prompt in the selfssl7 directory.
- Substitute your machine name for Q3 (which was my machine) and run the following command:
Selfssl7.exe/Q/T/I "Default web site"/n Cn = Q3; Cn = localhost/V 1000
That's it. You now have a self signed certificate for testing.
Open global. asax and add requirehttps to all controllers and action methods.
Public static voidRegisterglobalfilters (GlobalfiltercollectionFilters ){Filters. Add (NewRequirehttpsattribute());Filters. Add (NewHandleerrorattribute());}
Build the application and refresh the browser. Note IIS manager now includes des the SSL port.
Click on the lock icon to examine the certificate.
Next steps
Change the URL to use the machine name instead of localhost.
To access this site from a remote computer, you'll probably have to open up port 443.
To configure the firewall for HTTPS (port 443)
-
- FromStartMenu, enterWF. MSC
-
- In the console tree, clickInbound rules, And then click New rule.
-
- InRule typePage, clickPort, And then clickNext.
- OnProtocols and portsPage, selectTCP, And then clickSpecific local ports. Enter Port443. Then clickNext.
5. OnActionPage, clickAllow the connection, And then clickNext.
6. OnProfilePage, make sure thatDomain, private,AndPublicCheck boxes are selected, and then clickNextTo accept the default profile.
7. OnNamePage, underName, Type something likeWorld Wide Web Services (Rick's https traffic-in ).
-
- You can now test the site from a remote computer, but it won't be trusted.
- Export the certificate and import on a remote computer. Run the following command (change the computer name from Q1 to your computer ).
C: \ Users \ ricka \ downloads \ selfssl7> selfssl7.exe/Q/T/I "Default web site"/n Cn = Q1; Cn = localhost/
V 1000/K 2048/X/F q1.pfx/W 5 $ ecure!
- Navigate to the pfx file from a remote computer. Double click on the pfx file to start the import wizard.
- SelectNext.
- SelectNextAnd enter the password. (I used5 $ ecure!In the example ).
- SelectPlace all certificates in the following store, Then selectBrowse.
- ClickOK.
- ClickFinish.
- You shoshould now be able to browse from the remote computer without warning.
Testing with Firefox
- Using Firefox, browse to the mvcssl site. Firefox will issue a warning and not display the page.
- SelectAdd exception.
- You can now browse to the site without a warning.
Trackback:
Http://blogs.msdn.com/ B /rickandy/archive/2011/04/22/better-faster-easier-ssl-testing-for-asp-net-mvc-amp-webforms.aspx