As your live website will be under HTTPS it makes sense for your local environment to be the same. It’s simple to bind the IIS Developer Certificate, but Chrome will class it as insecure and you will get the error below when opening for the first time. You will have to click advanced and then proceed (unsafe). Once you’re in, Chrome will mark the URL with a red strike and indicate the connection is not secure.
This looks messy. I want to set up a self-signed certificate that chrome understands as secure so I don’t get any warnings and it shows the green padlock just like my live site. To do this we need to generate a certificate using the domain of our local instance and import it into the Trusted Root Certificate Authorities on our local machine. We will be using a combination of PowerShell and
manual steps. This can be fully automated with PowerShell but the additional manual steps helps to understand the process.
The example I will be using for this is for my local IIS instance of intermittentbug. The local domain is www.intermittentbug.local.
Step 1 - Create the certificate in PowerShell
To begin I need to create the SSL certificate. This can be done in Powershell. Open a new window as Administrator and run the following command.
New-SelfSignedCertificate -DnsName "www.intermittentbug.local" -CertStoreLocation "cert:\LocalMachine\My"
Hint – make sure you replace the DnsName with your local Domain
This will save your certificate to the Personal Certificates on your machine. To see it we need to open CertMgr. press the windows key and type CertMgr. On the start menu click Manage Computer Certificates
Step 2 – Export the certificate.
You can see that your certificate in Personal Certificates. It needs to be moved into the trusted root. To do this we export it.
Step 3 – Import the certificate.
Step 4 – Updating IIS Bindings
Go back you your IIS site and select bindings. For your SSL 443 in the dropdown you will see your new SSL Cert. Select this and click ok. Its also worth restarting IIS. If you have still got your PowerShell command window open, just type iisreset.
Close and reopen Chrome and enter your local Domain. You will see its now set as secure and you have the green padlock.
So there we have it, no more insecure screens locally!