Skip to main content

Server certificate configuration

To enable TLS, server certificate with private key must be provided. Default configuration accepts .pfx certificate file.

1. Prepare TLS server certificate file

Steps to configure server certificate:

Generate TLS server certificate as needed for the server;
Store the server certificate as .pfx file
1. Store it in the certificates/tls directory with name server-certificate.pfx.

2. Provide `.pfx` password in configuration, if needed

note

If .pfx without password is used, this step can be skipped.

Open appsettings.json
Find the Kestrel configuration section
Provide actual certificate password in the Password field (Kestrel --> Endpoint --> Https --> Certificate --> Password).

1. Prepare TLS server certificate file
2. Provide .pfx password in configuration, if needed