Create .NET HTTPS Certificate for Local Development

Published: November 2, 2025

← Back to Home

When using the .NET SDK to work on a .NET web app (API, Blazor, etc.) in Visual Studio, the first time you start the application it will prompt you to trust the development certificate. If you’re running your app from the command line (or using a different editor), you can create and trust the same development certificate from the command line.

Run the commands below anywhere on your local development machine to create a certificate that enables HTTPS for localhost. By default the certificate is created in the current user’s certificate store and can be used for localhost endpoints on that machine. The behavior of the --trust option varies by OS (see notes below).

Create and trust the dotnet dev certificate:

dotnet dev-certs https --trust

If you want, delete/clean the dev certificate:

dotnet dev-certs https --clean

Platform notes and important warnings:

• Windows/macOS: dotnet dev-certs https --trust will attempt to add the development certificate to the trusted root store for the current user so browsers accept the localhost certificate. On macOS a password prompt may appear when adding the cert to the keychain.
• Linux: automatic trust via --trust may not be available on all distributions. On Linux you usually need to follow your distro’s steps to import the certificate into your system/browser trust store (see Microsoft docs for guidance).
• Scope: the certificate is intended for local development only — do not use it in production. If you need to share a certificate with containers or other machines, export it with --export-path and follow secure distribution practices.

See Microsoft’s documentation on development certificates: Documentation from Microsoft

Keep it real!