ASP.NET Core 設定開發憑證

在使用 dotnet watch 的時候出現以下錯誤訊息:
    
[11:03:32 ERR] BackgroundService failed
System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date.
To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.
   at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action`1 configureOptions)
   at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IEnumerable`1 listenOptions, AddressBindContext context, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Hosting.GenericWebHostService.StartAsync(CancellationToken cancellationToken)
   at Microsoft.Extensions.Hosting.Internal.Host.StartAsync(CancellationToken cancellationToken)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.Run(IHost host)
   at Microsoft.AspNetCore.Builder.WebApplication.Run(String url)
   at Program.<Main>$(String[] args)
    

代表找不到開發憑證或是憑證已經過期了,使用以下指令就可以重新產生並信任開發憑證:
    
dotnet dev-certs https --trust
    

執行指令後會彈出一個視窗,點選「是」來信任 localhost 的憑證:

指令範例執行結果
    
dotnet dev-certs https --trust
Trusting the HTTPS development certificate was requested. A confirmation prompt will be displayed if the certificate was not previously trusted. Click yes on the prompt to trust the certificate.
The HTTPS developer certificate was generated successfully.
    

再次執行程式後就不會再有這個問題了。

查看已簽署的開發憑證

使用上面指令產生的開發者憑證有效期限是一年,可以使用下列指令查看憑證狀態:
    
dotnet dev-certs https --check
    

範例查詢結果:
    
dotnet dev-certs https --check
A valid certificate was found: 7275290542CE4AE3436A3323036BAF441A491D8B - CN=localhost - Valid from 2024-09-19 11:06:11Z to 2025-09-19 11:06:11Z - IsHttpsDevelopmentCertificate: true - IsExportable: true
Run the command with both --check and --trust options to ensure that the certificate is not only valid but also trusted.
    

刪除已簽署的開發憑證

如果想要刪除憑證也可以執行下列指令來刪除:
    
dotnet dev-certs https --clean
    

點選「是」後就可以刪除憑證:

這時候再去檢查憑證狀態就會發現沒有憑證了:
    
dotnet dev-certs https --check
No valid certificate found.
    



參考資料:
Microsoft.Learn - Enforce HTTPS in ASP.NET Core
Microsoft.Learn - dotnet dev-certs

留言