How to run app on HTTPS #718

New Issue

Closed

opened 2026-01-29 16:46:41 +00:00 by claunia · 10 comments

claunia commented 2026-01-29 16:46:41 +00:00

Owner

Copy Link

Originally created by @dejanakadex on GitHub (Oct 28, 2021).

Originally assigned to: @GregorBiswanger on GitHub.

I am creating app on Blazor server side with .net core 5.
When I start, my electron app is running on http://localhost:. I know that I can set port by setting 'aspCoreBackendPort' prop. How can I set https? In my app I am using a payment service which requires me to enter the allowed origin on their side but they do not accept http, only https. How to fix this?

Originally created by @dejanakadex on GitHub (Oct 28, 2021). Originally assigned to: @GregorBiswanger on GitHub. I am creating app on Blazor server side with .net core 5. When I start, my electron app is running on http://localhost:<port>. I know that I can set port by setting 'aspCoreBackendPort' prop. How can I set **https**? In my app I am using a payment service which requires me to enter the allowed origin on their side but they do not accept http, only https. How to fix this?

claunia added the question label 2026-01-29 16:46:41 +00:00

claunia closed this issue 2026-01-29 16:46:41 +00:00

claunia commented 2026-01-29 16:46:42 +00:00

Author

Owner

Copy Link

@HaydnDias commented on GitHub (Nov 9, 2021):

We're having similar issues, enabling https works for local development, but breaks on user machines due to needing self signed certs.

Potentially a change to allow more configuration in here? Not sure how we'd get easy https on other computers though. 30941df39c/ElectronNET.API/WebHostBuilderExtensions.cs (L19-L56)

@HaydnDias commented on GitHub (Nov 9, 2021): We're having similar issues, enabling https works for local development, but breaks on user machines due to needing self signed certs. Potentially a change to allow more configuration in here? Not sure how we'd get easy https on other computers though. https://github.com/ElectronNET/Electron.NET/blob/30941df39c49f82720011c2444f4af4cbd7b8569/ElectronNET.API/WebHostBuilderExtensions.cs#L19-L56

claunia commented 2026-01-29 16:46:42 +00:00

Author

Owner

Copy Link

@dejanakadex commented on GitHub (Nov 9, 2021):

We're having similar issues, enabling https works for local development, but breaks on user machines due to needing self signed certs.

Potentially a change to allow more configuration in here? Not sure how we'd get easy https on other computers though.

30941df39c/ElectronNET.API/WebHostBuilderExtensions.cs (L19-L56)

Can you please share with me how did you do it localy? This would help me a lot.

@dejanakadex commented on GitHub (Nov 9, 2021): > > > We're having similar issues, enabling https works for local development, but breaks on user machines due to needing self signed certs. > > Potentially a change to allow more configuration in here? Not sure how we'd get easy https on other computers though. > > https://github.com/ElectronNET/Electron.NET/blob/30941df39c49f82720011c2444f4af4cbd7b8569/ElectronNET.API/WebHostBuilderExtensions.cs#L19-L56 Can you please share with me how did you do it localy? This would help me a lot.

claunia commented 2026-01-29 16:46:42 +00:00

Author

Owner

Copy Link

@HaydnDias commented on GitHub (Nov 10, 2021):

public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
    WebHost.CreateDefaultBuilder(args)
        .UseStartup<Startup>()
        .UseKestrel(options =>
        {
            options.Limits.MaxRequestBodySize = 268435456;
        })
        .UseElectron(args)
        .UseUrls("https://localhost:11811")

I just set the UseUrls in the application, seemed to do it, only worked on dev machine with certs created as per https://docs.microsoft.com/en-us/dotnet/core/additional-tools/self-signed-certificates-guide.

However, deploying it to standard user machines broke this, and as we can't guarantee access to elevated permissions, this wasn't a solution for us.

There's a good chance you'll have to use a hosted web proxy to use https, unless you're able to add self-signed certs to the system you're deploying to.

@HaydnDias commented on GitHub (Nov 10, 2021): ```CSHARP public static IWebHostBuilder CreateWebHostBuilder(string[] args) => WebHost.CreateDefaultBuilder(args) .UseStartup<Startup>() .UseKestrel(options => { options.Limits.MaxRequestBodySize = 268435456; }) .UseElectron(args) .UseUrls("https://localhost:11811") ``` I just set the UseUrls in the application, seemed to do it, only worked on dev machine with certs created as per https://docs.microsoft.com/en-us/dotnet/core/additional-tools/self-signed-certificates-guide. However, deploying it to standard user machines broke this, and as we can't guarantee access to elevated permissions, this wasn't a solution for us. There's a good chance you'll have to use a hosted web proxy to use https, unless you're able to add self-signed certs to the system you're deploying to.

claunia commented 2026-01-29 16:46:42 +00:00

Author

Owner

Copy Link

@javierlarota commented on GitHub (Nov 26, 2021):

In our Electron app we wanted to "secure" the internal traffic with its ASP.NET Core backend, but installing a valid ssl cert from a trusted CA was not an option for us because we would need to distribute the certificate, plus we would need a certificate issued for every machine where the application is installed.

Self-signed cert was the only option, but we did not want to trust that cert, instead we just want the Electron app to ignore certificate errors for local requests either to localhost or 127.0.0.1.

I just posted the pull request https://github.com/ElectronNET/Electron.NET/pull/626 with the change to bypass certificate errors. So, by adding the corresponding setting in the electron.manifest.json file, the developer can decide if he/she wants to bypass all cert errors for all requests, or bypass only cert errors for a given domain names. list i.e. localhost or 127.0.0.1

The native electron framework supports ignoring cert errors as documented here. With my proposed changes I am just exposing that feature to Electron.NET as well.

@javierlarota commented on GitHub (Nov 26, 2021): In our Electron app we wanted to "secure" the internal traffic with its ASP.NET Core backend, but installing a valid ssl cert from a trusted CA was not an option for us because we would need to distribute the certificate, plus we would need a certificate issued for every machine where the application is installed. Self-signed cert was the only option, but we did not want to trust that cert, instead we just want the Electron app to ignore certificate errors for local requests either to `localhost` or `127.0.0.1`. I just posted the pull request https://github.com/ElectronNET/Electron.NET/pull/626 with the change to bypass certificate errors. So, by adding the corresponding setting in the **electron.manifest.json** file, the developer can decide if he/she wants to bypass all cert errors for all requests, or bypass only cert errors for a given domain names. list i.e. localhost or 127.0.0.1 The native electron framework supports ignoring cert errors as documented [here](https://www.electronjs.org/docs/latest/api/app/#event-certificate-error). With my proposed changes I am just exposing that feature to [Electron.NET](https://github.com/ElectronNET/Electron.NET) as well.

claunia commented 2026-01-29 16:46:42 +00:00

Author

Owner

Copy Link

@damikun commented on GitHub (Nov 3, 2022):

@javierlarota did you build your own package or ow you use it because the oficial last release is befor your change... I cannot ignore the cert errors currently.. Any help? Thx

@damikun commented on GitHub (Nov 3, 2022): @javierlarota did you build your own package or ow you use it because the oficial last release is befor your change... I cannot ignore the cert errors currently.. Any help? Thx

claunia commented 2026-01-29 16:46:43 +00:00

Author

Owner

Copy Link

@damikun commented on GitHub (Nov 4, 2022):

I currently ended up with building self main from ElectronNet with all recent changes...

@damikun commented on GitHub (Nov 4, 2022): I currently ended up with building self `main` from ElectronNet with all recent changes...

claunia commented 2026-01-29 16:46:43 +00:00

Author

Owner

Copy Link

@GregorBiswanger commented on GitHub (Mar 28, 2023):

🎉🚀 New Electron.NET version 23.6.1 released 🚀🎉

With native Electron 23 and .NET 6 support. Your problem should be fixed here. If you continue to have the problem, please let us know. Please note the correct updating of your API & CLI. Info in the README. Have fun!

@GregorBiswanger commented on GitHub (Mar 28, 2023): 🎉🚀 New Electron.NET version 23.6.1 released 🚀🎉 With native Electron 23 and .NET 6 support. Your problem should be fixed here. If you continue to have the problem, please let us know. Please note the correct updating of your API & CLI. Info in the README. Have fun!

claunia commented 2026-01-29 16:46:43 +00:00

Author

Owner

Copy Link

@damikun commented on GitHub (Mar 28, 2023):

Hi @GregorBiswanger i think ther is some needs to support https and stuff around it...

backend on https without options to use https is hardcoded..

Look on main.js in Electron HOST..

loadURL = http://localhost:${aspCoreBackendPort}``

When backend use strict HTTPS the load url is than incorrect...

Also needs to provide way to dynamicali append this args...

app.commandLine.appendSwitch('ignore-certificate-errors');
app.commandLine.appendSwitch('allow-insecure-localhost', 'true');

@damikun commented on GitHub (Mar 28, 2023): Hi @GregorBiswanger i think ther is some needs to support https and stuff around it... backend on https without options to use https is hardcoded.. Look on main.js in Electron HOST.. `loadURL = `http://localhost:${aspCoreBackendPort}`` When backend use strict HTTPS the load url is than incorrect... Also needs to provide way to dynamicali append this args... ``` app.commandLine.appendSwitch('ignore-certificate-errors'); app.commandLine.appendSwitch('allow-insecure-localhost', 'true'); ```

claunia commented 2026-01-29 16:46:43 +00:00

Author

Owner

Copy Link

@GregorBiswanger commented on GitHub (Mar 28, 2023):

An HTTPS certificate on a local device via desktop application is inherently insecure. Locally you can always listen in between without any problems. To do this, the certificate would also have to be installed locally. With ASP.NET Core, a developer certificate is installed by default, which is limited. Additional support for this would be pointless.

@GregorBiswanger commented on GitHub (Mar 28, 2023): An HTTPS certificate on a local device via desktop application is inherently insecure. Locally you can always listen in between without any problems. To do this, the certificate would also have to be installed locally. With ASP.NET Core, a developer certificate is installed by default, which is limited. Additional support for this would be pointless.

claunia commented 2026-01-29 16:46:44 +00:00

Author

Owner

Copy Link

@damikun commented on GitHub (Mar 28, 2023):

An HTTPS certificate on a local device via desktop application is inherently insecure. Locally you can always listen in between without any problems. To do this, the certificate would also have to be installed locally. With ASP.NET Core, a developer certificate is installed by default, which is limited. Additional support for this would be pointless.

You can install self signed dummy certificate with backend inside electron... and ignore certa errors..

The reason is for example modules that require by default https..

My app forexample contains ID server (part of backend) and this use https only cookie by default so without https support im not able to use it... (hardcoded requirement in external lib)

The app is electronised, but can also run as standard web service (the sources)

I mean standalone electron allow you to ignor (set this flags) errors..

@damikun commented on GitHub (Mar 28, 2023): > An HTTPS certificate on a local device via desktop application is inherently insecure. Locally you can always listen in between without any problems. To do this, the certificate would also have to be installed locally. With ASP.NET Core, a developer certificate is installed by default, which is limited. Additional support for this would be pointless. You can install self signed dummy certificate with backend inside electron... and ignore certa errors.. The reason is for example modules that require by default https.. My app forexample contains ID server (part of backend) and this use https only cookie by default so without https support im not able to use it... (hardcoded requirement in external lib) The app is electronised, but can also run as standard web service (the sources) I mean standalone electron allow you to ignor (set this flags) errors..

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

develop

feature/secure-connection

dependabot/npm_and_yarn/src/ElectronNET.WebApp/ElectronHostHook/lodash-4.17.23

dependabot/npm_and_yarn/src/ElectronNET.Host/lodash-4.17.23

legacy/build-system-update

legacy/main

0.4.1-pre.26

0.4.0

0.4.0-pre.18

0.3.1

0.3.0

0.3.0-pre.5

0.3.0-pre.1

0.3.0-pre.336

0.3.0-pre.331

0.2.0-pre.240

0.2.0-pre.228

0.2.0-pre.200

0.1.0-pre.198

0.1.0

0.1.0-pre.184

0.1.0-pre.180

0.1.0-pre.173

0.1.0-pre.163

0.1.0-pre.156

0.1.0-pre.149

0.1.0-pre.139

0.1.0-pre.135

0.1.0-pre.133

0.0.18-pre.123

23.6.2-alpha.71

23.6.2

23.6.2-alpha.14

23.6.1

13.5.1

11.5.1

9.31.2

9.31.1

8.31.2

8.31.1

7.30.2

5.30.1

5.22.14

5.22.13

0.0.11

0.0.10

0.0.9

v0.0.7

Labels

Clear labels

api

api

applications

bug

bug

dev-experience

discussion

documentation

duplicate

enhancement

examples

Feature

Feature

good first issue

help wanted

In progress

information

infrastructure

invalid

javascript

macos

more-information-needed

pull-request

Mirrored from GitHub Pull Request

question

No Label question

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

claunia

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/Electron.NET#718