How to generate a trusted local IIS certificate for .Net development

As a .Net developer, I often run .Net websites in a local IIS instance on my developer machine, and it can be useful to be able to serve the site over HTTPS.

To create a trusted, local, self-signed SSL certificate, follow these steps.

1. Generate the certificate

Open Powershell and enter the following command:

New-SelfSignedCertificate -DnsName "mysite.local" -CertStoreLocation "cert:\LocalMachine\My"

2. Trust the certificate

We now need to ensure the certificate is trusted on the local machine, otherwise you'll get a certificate warning when you navigate to your local website over HTTPS in a browser.

To do this in Windows 10:

1. Start -> Run certlm.msc to open the Certificate Manager tool
2. Expand the Intermediate Certification Authorities folder in the left window of the tool
3. Click the Certificates folder
4. Find the certificate you just generated in the right-hand window
5. Click and drag it over the Trusted Root Certification Authorities folder in the left window - this will set the certificate as trusted on your local machine.

3. Update IIS to use the new certificate

Now you can create/update the HTTPS binding for your local website in IIS to use the new certificate - you should see the new certificate listed in the SSL certificate: drop-down list.

That's it.