how to enable https for owin self-host webapi

Question

I met this error IDX21323 OpenIdConnectProtocolValidationContext.Nonce was nul and per my searching, it required to use https instead of http .

We can follow this document to create a self-host webapi use OWIN, but the base url is http .

So requirement is enable https for the url. Then how to do it?

I had my way below, but I also want to know a normal way for enabling https ...

Thanks for any other advice!

Answer 1

Follow this document , I can use makecert.exe to create a self-signed certificate but I don't know why after I followed the doc to add certificate to Trusted Root Certification Authorities , the certificate didn't appear in the list.(Maybe it require a reboot?)

makecert.exe -n "CN=Development CA" -r -sv TempCA.pvk TempCA.cer
makecert.exe -pe -ss My -sr CurrentUser -a sha1 -sky exchange -n "CN=name" 
     -eku 1.3.6.1.5.5.7.3.2 -sk SignedByCA -ic TempCA.cer -iv TempCA.pvk

But it made me find there's a certificate issued localhost in the list.

I remembered it is generated by Visual Studio. When we use IIS Express to run the web application via Visual Studio, it will generate it for us. So I want to use it for my Owin api. Then I found this answer . It informed me that I don't need to do any changes in my code, I only need to run a netsh command to bind the certificate to the port.

Then this is the document about how to use command to bind the port with certificate.

And this is the command I used. Getting thrumbprint from certificate and generate guid from an online tool.

netsh http add sslcert ipport=0.0.0.0:8099 certhash=5c50eaxxxxxxz29daea9 appid={ad9f5133-25cd-412a-974c-059bbde7cb3e}