The ASP. NET Web API uses a self-signed SSL certificate

1 creating a self- signed SSL Certificate

Create a self-signed SSL Tool Xca is:https://sourceforge.net/projects/xca/

Create a process

1) Create root certificate

To open the software, the interface is as follows.

Click , see the drop-down menu, select , create a new database.

Name the file, select the location of the file storage, here I put in the E:\CA under this folder

Click Save, pop Up next page, fill in the password

Click OK to bring up the next page

Click , the next page pops up

The signature algorithm is changed to SHA, other unchanged, click , and then click OKto eject the next page

Click , fill in the information as follows:

Click , the next page pops up

confirm the error, click , the next page is displayed successfully

Click OKto display the next page

Click OKto create a successful display next page

Click OKto successfully generate the root certificate.

2) Create a server-side certificate

On the basis of the success of the above root certificate creation, select the root certificate that was generated.

Click , the next page pops up

Modify the encryption algorithm to SHA, three certificate templates, select

Click , click OKto bring up the next page

The other action is similar to generating the root certificate, and after the build is done, the page looks like this:

3) Create a client certificate

Basically consistent with creating a server-side certificate, the difference is the choice

2 exporting a certificate

Select the certificate, click

Choose folder and export format, export format is various, export according to demand.

3 Installing the certificate in IIS

Note the same certificate does not have to be installed more than once, and to reload, remove the installed certificate first.

Open IIS, click the root directory, double-click

Right-click on the pop-up menu to complete the certificate request, which is the Red box section

pop-Up page, select the generated certificate (the certificate needs to be format Export)

Name and click OK

Thus, the different IIS reacts differently, some servers are successfully imported, and some server errors:

Some imports appear to succeed, but the imported certificate disappears when you refresh the page. In this case, after importing the certificate do not refresh, right-click on the certificate, as follows:

The solutions to both of these errors are:

1 ) The solution to the error is

Install the certificate to the computer's trusted area, then open the Certificate Manager, which will run at the beginning:certmgr.msc

Select the certificate and right-click the operation.

Choose

Follow the prompts, and when you enter the password, this is the password to create the certificate

Enter the correct password and follow the instructions.

However, some computers cannot export even if the certificate is installed properly, for example, exporting the private key is not optional.

The workaround is to check the corresponding option when installing the certificate, as shown in:

2) Double-click the certificate (for . cer format or . P12 format), install as prompted, select Automatic storage mode

This method does not work and is still not available after installation, as follows.

Select , this way specifies that the store also does not work.

to export format, and then double-click Install before you can.

4 Accessing the self-signed Https Web site

It is common to add security exceptions, but some will be incomplete, and the solution is:

For example, in Firefox, click temporarily remove protection. This is because the HTTPS request returns a page that contains http requests, and this mixed type is considered unsafe by the browser.

The ASP. NET Web API uses a self-signed SSL certificate