ASP.NET Core "Unable to configure HTTPS endpoint. No server certificate was specified" in CI
Kestrel tried to bind an https endpoint and looked for the ASP.NET Core developer certificate, which does not exist on a fresh CI runner. Bind to http in CI, or generate and trust a dev cert first.
What this error means
The app fails to start in CI with "Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date." Locally it works because Visual Studio installed a dev cert.
System.InvalidOperationException: Unable to configure HTTPS endpoint. No server
certificate was specified, and the default developer certificate could not be found
or is out of date. To generate a developer certificate run 'dotnet dev-certs https'.Common causes
No developer certificate on the runner
The default Kestrel https binding needs the ASP.NET Core dev cert. A clean runner never ran dotnet dev-certs https --trust, so the certificate is missing.
launchSettings binds https by default
Your launchSettings.json or applicationUrl defaults to https://localhost:..., so CI inherits an https endpoint it cannot secure.
How to fix it
Bind to http only in CI
- Set
ASPNETCORE_URLSto an http address in the CI step. - Do not rely on launchSettings in CI (it is a local dev file, not read by
dotnet runin all hosts). - Point integration tests at the http endpoint.
env:
ASPNETCORE_URLS: http://localhost:5000
ASPNETCORE_ENVIRONMENT: DevelopmentGenerate and trust a dev cert when https is required
If a test genuinely needs https, create the developer certificate before starting the app.
dotnet dev-certs https
dotnet dev-certs https --trustHow to prevent it
- Use http endpoints for CI runs; reserve https for environments with real certificates.
- Set ASPNETCORE_URLS explicitly instead of depending on launchSettings.json.
- Terminate TLS at a proxy or ingress in production rather than in Kestrel dev certs.