Setting Up a Self-Signed SSL Certificate
Understand the importance of SSL/TLS for securing single sign-on in ASP.NET Core. This lesson guides you through installing and trusting a self-signed development certificate using IDE prompts or .NET CLI on Windows and Mac, and outlines approaches for Linux environments.
We'll cover the following...
SSL/TLS is important for SSO. Without it, all the information that gets exchanged between the client and the server will be unencrypted and accessible to anyone connected to the same network. This even includes the password.
To prevent that, by default, IdPs only allow encrypted HTTPS connections. Some of them do allow communication to happen via an unencrypted HTTP channel in development mode, but not all of them do. Plus, this option forces us to apply development-specific code to our ...