Setting Up a Self-Signed SSL Certificate

SSL/TLS is important for SSO. Without it, all the information that gets exchanged between the client and the server will be unencrypted and accessible to anyone connected to the same network. This even includes the password.

To prevent that, by default, IdPs only allow encrypted HTTPS connections. Some of them do allow communication to happen via an unencrypted HTTP channel in development mode, but not all of them do. Plus, this option forces us to apply development-specific code to our application.

The alternative to this is using a self-signed development certificate. Unlike a proper SSL certificate that is signed by a well-recognized certification authority, a development certificate cannot be used in production. However, when used in a local development environment, it works just like any other SSL certificate. We can use it to access our local applications via HTTPS and don't need additional development-specific code in our application.

In order to configure a development certificate, we must apply the following steps:

• Install or create the certificate.

• Make our development machine trust the certificate.

Depending on our machine setup and the tools we use, we might achieve both of these in a single step.

IDE users (any OS)

If we use an IDE, there is not much effort required in installing and trusting the certificate because we are automatically prompted to do so whenever we attempt to run a local application via HTTPS. The IDE will do everything for us once we click on the confirmation button in the prompt.

CLI users (Windows and Mac)

If our preference is to use the .NET CLI for application development, we can run the following command in a terminal to install a development certificate and get the machine to trust it: