Customizing ASP.NET Core Part 4: HTTPS

HTTPS is on by default now and a first-class feature. In Windows, the certificate which is needed to enable HTTPS is loaded from the Windows Certificate Store. If you create a project on Linux and Mac the certificate is loaded from a certificate file.

Even if you want to create a project to run it behind and IIS or an NGinX webserver HTTPS is enabled. Usually you would manage the certificate on the IIS or NGinX webserver in that case. But this shouldn’t be a problem and you shouldn’t disable HTTPS in the ASP.NET Core settings.