ASP.NET Core Locally Serving Outdated Dev Certificate

Georg Dangl by Georg Dangl in DotNet Wednesday, May 17, 2023

Wednesday, May 17, 2023

Today, I was trying to run one of our apps locally. It's a fairly small service, that's only receiving updates every few months, and all the testing and deployment happens in CI, so it hasn't been run locally for quite some time. But, when I started it, it tried to serve an expired certificate, so Chrome showed me a warning about the site not being secure.

With ASP.NET Core, the development workflow is quite nice. You can easily use self signed certificates for working with localhost, and dotnet takes care of managing all that. Yet, somehow, it served me a certificate that expired almost three years ago. Even after regenerating the dev certificates locally, I had the same error, so I looked into the configuration.

Turns out, I had this configuration option set in the user secrets on that machine: kestrel:certificates:development:password

User secrets are a way of managing not really sensitive but developer or machine specific configs for ASP.NET Core projects. The option above, with using a set password for a certificate, resulted in the app not automatically choosing the current dev certificate but instead one that expired long ago. So, quick fix when you know where to look😀

Happy encrypting!

Share this post

comments powered by Disqus

About me

Hi, my name's George! I love coding and blogging about it. I focus on all things around .Net, Web Development and DevOps.


Need a consultant for BIM, GAEB or Software Development?

Contact me at [email protected], +49 (173) 56 45 689 or visit my professional page!

// Just 💗 Coding

Social Links