Unable to configure HTTPS endpoint: No server certificate was specified

Error Overview

The error message “Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found” is a common issue encountered when working with ASP.NET Core applications. This error indicates that the application cannot find a valid SSL/TLS certificate to establish a secure HTTPS connection. Certificates are essential for encrypting data transmitted over the network, ensuring both security and privacy.

Common Causes

Several factors can lead to this error:

1. Missing Certificate: The application requires an SSL certificate, but none is configured.
2. Invalid or Expired Certificate: The certificate may be present but is either invalid or has expired.
3. Default Developer Certificate Not Found: ASP.NET Core applications typically use a default developer certificate for local development. If this certificate is missing, the application will fail to start.
4. Incorrect Configuration: The application may be misconfigured, leading to issues in recognizing the SSL certificate.
5. Environment-Specific Issues: Different environments (development, staging, production) may have different configurations that affect the availability of certificates.

Solution Methods

To resolve this error, you can follow several methods, depending on the root cause of the issue.

Method 1: Clean and Reinstall the Developer Certificate

1. Open a terminal or command prompt.
2. Execute the following command to clean up existing certificates:
   bash
dotnet dev-certs https --clean
3. After cleaning, restore the default developer certificate with:
   bash
dotnet dev-certs https --trust
4. Restart your ASP.NET Core application and check if the issue persists.

Method 2: Manually Create and Configure a Certificate

If the developer certificate does not solve the issue, you may need to create a new SSL certificate manually:
1. Create a configuration file named asp_config.conf with the following content:
“`
[ req ]
default_bits = 2048
distinguished_name = dn
req_extensions = aspnet

[ dn ]
CN = localhost

[ aspnet ]
basicConstraints = critical, CA:FALSE
keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = critical, serverAuth
subjectAltName = critical, DNS:localhost
2. Generate a new private key and CSR (Certificate Signing Request) using OpenSSL:bash
openssl req -new -config asp_config.conf -keyout local_asp_dev.key -out local_asp_dev.csr -nodes
3. Create a self-signed certificate:bash
openssl x509 -req -in local_asp_dev.csr -signkey local_asp_dev.key -out local_asp_dev.crt -days 365
4. Convert the certificate to PFX format:bash
openssl pkcs12 -export -out local_asp_dev.pfx -inkey local_asp_dev.key -in local_asp_dev.crt
5. Move the PFX file to the appropriate directory:bash
mv local_asp_dev.pfx ~/.dotnet/corefx/cryptography/x509stores/my/
“`
6. Restart your application.

Method 3: Configure Kestrel to Use HTTPS

If you are using Kestrel as your web server and want to specify a certificate:
1. In your Program.cs or Startup.cs file, configure Kestrel to use the certificate:
“`csharp
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>