I'm trying to get HTTPS working locally with a wildcard domain *.example using ASP.NET Core and Kestrel, but it's just not working no matter what I try. Here's what we've done so far:
What we tried
Used mkcert to generate the certificate:Tried with just *.exampleTried with both *.example and exampleUsed openssl to export the .pfx file:openssl pkcs12 -export -out wildcard.example.pfx \ -inkey _wildcard.example-key.pem \ -in _wildcard.example.pem \ -passout pass:yourpasswordAlso tried the built-in PowerShell command:
New-SelfSignedCertificate -DnsName "*.example", "example" -CertStoreLocation "cert:\LocalMachine\My"Tried configuring Kestrel in both Program.cs and appsettings.json. Example:In Program.cs:
builder.WebHost.ConfigureKestrel(serverOptions =>{ serverOptions.ConfigureHttpsDefaults(httpsOptions => { httpsOptions.ServerCertificate = new X509Certificate2("wildcard.example.pfx", "yourpassword"); });});In appsettings.json:
"Kestrel": {"Endpoints": {"Https": {"Url": "https://*:7240","Certificate": {"Path": "wildcard.example.pfx","Password": "yourpassword" } } }}The problemWhen we access something like https://dev.example, the browser says the connection is not secure or the certificate is not valid.
We’ve also trusted the root CA using mkcert --install, and can confirm that other mkcert-generated certs (like localhost) work.
We’re totally stuck — we tried everything we can think of. Is there anything we’re missing to get wildcard domains to work properly with Kestrel and mkcert?