This is a quick tutorial for setting up your local .NET Core / Kestrel development environment to use SSL.

Machine setup

This article is based on .NET Core 2.0 using VS Code on a mac. No need for the full version of Visual Studio on Windows only!

Setting up Kestrel

In your Startup.cs class, you should be importing an appsettings.json file and a appsettings.Development.json file. The development version is run when you set the environment variable ASPNETCORE_ENVIRONMENT to Development. This is usually set by default in VS Code and Visaul Studio. For this example, we will setup an ssl cert for localhost, so we will update the appsettings.Development.json file.

Setting up the URL

We can setup Kestrel to listen on any address/port by adding this section to the file:

 "Kestrel": {
    "Endpoints": {
      "localhostHttps": {
        "Address": "",
        "Port": "9001",
        "Certificate": "HTTPS"

This will use a certificate “HTTPS” which we will setup next.

Pointing to a cert

  "Certificates": {
    "HTTPS": {
      "Source": "Store",
      "StoreLocation": "CurrentUser",
      "StoreName": "My",
      "Subject": "CN=localhost",
      "AllowInvalid": true

Creating the SSL Certificate

Next, we create a self-signed certificate for HTTPS using OpenSSL. You want to run these commands in same folder as your code. This will create the certs in the current directory.

Run this:

openssl req -new -x509 -newkey rsa:2048 -keyout localhost.key -out localhost.cer -days 365 -subj /CN=localhost

Then this:

openssl pkcs12 -export -out certificate.pfx -inkey localhost.key -in localhost.cer

Add the cert to the macOS keychain

security import certificate.pfx -k ~/Library/Keychains/login.keychain-db

Now trust the cert:

security add-trusted-cert localhost.cer

That’s it!


Hope you enjoyed the tutorial, and feel free to reach out with any questions!