asp.net-core, iis, ssl-certificate, dotnet-dev-certs

IIS can't connect to standalone HTTPS Kestrel due to SSL error


My IIS application is unable to connect to my standalone ASP.NET Core application because IIS is failing to validate the SSL certificate of the ASP.NET Core application. I have very basic knowledge of certificates, but it seems that the app pool doesn't have access to the dev certificate that ASP.NET Core uses, which is stored only in the current user's store. Is this the cause of the issue? If yes, how do I give the app pool access to the certificate? Is there an alternative way to fix this?

The certificate was generated by the dotnet dev-cert tool.


Solution

  • If you are above IIS 7, you can try this method.

    1. Make sure your certificate has a private key.

    2. Import the certificate into the "Local Computer" account. Best to use Certificates MMC. Make sure to check "Allow private key to be exported".

    3. Based on the IIS 7.5 application pool's identity, use one of the following.

    • Open MMC => Add Certificates (Local computer) snap-in => Certificates (Local Computer) => Personal => Certificates => Right click the certificate of interest => All tasks => Manage private key => Add IIS AppPool\AppPoolName and grant it Full control. Replace "AppPoolName" with the name of your application pool (sometimes IIS_IUSRS)

    • IIS 7.5 Website is running under NETWORK SERVICE. Using Certificates MMC, added "NETWORK SERVICE" to Full Trust on certificate in "Local Computer\Personal".

    • IIS 7.5 Website is running under "MyIISUser" local computer user account. Using Certificates MMC, added "MyIISUser" (a new local computer user account) to Full Trust on certificate in "Local Computer\Personal".

    Beware, if you're on a domain, your domain will be selected by default in the 'from location box'. Make sure to change that to "Local Computer". Change the location to "Local Computer" to view the app pool identities.

    Here is the reference: How to give ASP.NET access to a private key in a certificate in the certificate store?
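
The MMC steps in the answer above can also be scripted from an elevated PowerShell session. This is an added example, not part of the original answer: the thumbprint is supplied by the caller, `AppPoolName` is the answer's placeholder, and the default of Read rather than Full control is this example's own choice, since Read is enough for the identity to use the key.

```powershell
# Added example: grants an IIS app pool identity access to the private key of a
# certificate in Local Computer\Personal. Run elevated. Parameter values are placeholders.
param(
    [Parameter(Mandatory)] [string] $Thumbprint,   # thumbprint of the imported certificate
    [string] $AppPoolName = 'AppPoolName',         # placeholder name, as in the answer
    [string] $Rights      = 'Read'                 # assumption: Read suffices to use the key
)

# Step 2 of the answer: the certificate must already be in Local Computer\Personal.
$cert = Get-Item -Path "Cert:\LocalMachine\My\$Thumbprint" -ErrorAction Stop

# Step 1 of the answer: the certificate must carry a private key.
if (-not $cert.HasPrivateKey) {
    throw "Certificate $Thumbprint has no private key."
}

# Resolve the key's file name. CNG and legacy CSP keys expose it differently.
$rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
if ($null -eq $rsa) {
    throw "Certificate $Thumbprint does not have an RSA private key."
}
if ($rsa -is [System.Security.Cryptography.RSACng]) {
    $keyName = $rsa.Key.UniqueName
} else {
    $keyName = $rsa.CspKeyContainerInfo.UniqueKeyContainerName
}

# Machine-level private keys are stored as files in one of these folders.
$keyFile = @(
    "$env:ProgramData\Microsoft\Crypto\Keys",
    "$env:ProgramData\Microsoft\Crypto\RSA\MachineKeys"
) | ForEach-Object { Join-Path $_ $keyName } |
    Where-Object { Test-Path $_ } | Select-Object -First 1
if (-not $keyFile) {
    throw "Private key file '$keyName' was not found in the machine key folders."
}

# Step 3 of the answer: add an allow rule for the app pool identity.
$identity = "IIS AppPool\$AppPoolName"
$acl  = Get-Acl -Path $keyFile
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($identity, $Rights, 'Allow')
$acl.AddAccessRule($rule)
Set-Acl -Path $keyFile -AclObject $acl

# Show the resulting entry so the grant can be reviewed.
(Get-Acl -Path $keyFile).Access |
    Where-Object { $_.IdentityReference -like "*$AppPoolName" } |
    Format-Table IdentityReference, FileSystemRights, AccessControlType
```

For an app pool that runs as NETWORK SERVICE or a local user account, as in the answer's other two cases, replace the value of `$identity` with that account name.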