By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement . We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Currently, ASP.NET Core web apps created with "dotnet new" have HTTPS enabled by default. The very first time you debug (or, after dotnet dev-certs https --clean ), when no cert is created, debugging will fail, telling the user to run dotnet dev-certs https , optionally with --trust on Mac/Windows.

Similarly to how this extension suggests to create the tasks.json/launch.json when opening a C# project, I think it should prompt to do the above dotnet dev-certs https [--trust] when opening an ASP.NET Core project when HTTPS is enabled on it, if no cert is already trusted.

On Windows, a popup asks if the user wants to trust the certificate; on Mac it requires password input, so it is still user-interactive, and the user needs to know to expect the popup if they say "Yes" to creating/trusting the cert. (On Linux there's no centralized store for trusted certs, so this is moot there.)

A bit more detailed proposal on how I think we want to make this work:

Add a new launch.json option to enable/disable the dev-certs check. Something like checkForDevCert: bool? . If unspecified, it will be enabled when serverReadyAction is set AND when pipeTransport is NOT set.

The first time a project is launched in a VS Code session the extension will run through the following checks:
A. Is the OS Linux or are we in VS Code remote, or VS Code running in a browser? If so, do nothing.
B. Run dotnet dev-certs https --check , and check the exit code to determine success. If this returns zero, we are done.
C. If dotnet dev-cert fails then prompt the user to ask if they want to install the development cert. We should be able to use similar language to what Visual Studio currently uses (though not quite the same, more details below). We want to have a prompt since if the user hits "yes" this will result in a security prompt, and we want to make sure the user understands what this is from.
D. If the user hits "yes" run dotnet dev-certs https --trust . If this succeeds (zero exit code) mark this as successful so that we will not try again in this VS Code session

Implementation notes:

The prompt message needs two changes:

Instead of the "Don't ask me again", we should indicate that the user can set the launch.json option

We will not know if the project is configured to use SSL or not, so maybe instead say "The selected launch configuration is configured to launch a web browser."

We want to do this work in src/coreclr-debug/debugConfigurationProvider.ts

Launch.json options are added in src/tools/OptionsSchema.json . Then run npm run gulp generateOptionsSchema to update package.json. They must also be documented in debugger-launchjson.md

I am hoping we can just spawn dotnet as a child process -- need to first test this on both Windows and macOS, but if not, maybe we could use tasks.executeTask to run it as something that would be user-visible in the VS Code terminal window.

I hope we can use env.remoteName and env.uiKind to detect if we are running remotely.

Prompt in Visual Studio:

The proposal seems reasonable but we should confirm what the flow ends up looking like on macOS as the OS prompts there can be a little more intense (e.g. asking for passwords, etc.). Also the first launch profile in launchsettings.json now is one that doesn't use https so we may want to consider how the https-enabled profile gets selected, e.g. in VS it finds the first https enabled profile and launches that.