Learn how to fix ERR_SSL_PROTOCOL_ERROR in IIS Express for Visual Studio Projects. Our IIS Support team is here to help you with your questions and concerns.
How to Fix ERR_SSL_PROTOCOL_ERROR in IIS Express for Visual Studio Projects
Running into the “ERR_SSL_PROTOCOL_ERROR” while using IIS Express with Visual Studio can be frustrating.
In fact, several of our customers have had trouble with this error. This is why our Experts have put together these effective fixes to get your development environment back on track.
- Conflicting Localhost SSL Certificates
- IIS Express using a different SSL port
- Incorrect SSL certificate permissions
- Corrupted SSL certificate
- Incorrect SSL configuration in HTTP.sys
Issue 1: Conflicting Localhost SSL Certificates
If you have previously created your own localhost SSL certificate, it may conflict with the one generated by IIS Express, causing SSL issues.
This can be fixed by deleting all existing localhost SSL certificates from the Personal > Certificates folder in the Local Computer certificate store.
Additionally, we can repair IIS Express via the Visual Studio Installer to force IIS Express to generate a new valid localhost certificate.
Issue 2: IIS Express Using a Different SSL Port
IIS Express reserves the port range 44300-44399 for simulating SSL. So configuring our project to use a different SSL port can lead to issues.
Hence, change the project’s SSL URL to use a port within the 44300-44399 range.
Issue 3: Incorrect SSL Certificate Permissions
The private key for the SSL certificate needs the correct permissions set on the MachineKeys folder where it is stored. In other words, incorrect permissions can prevent IIS Express from accessing the private key.
So, verify the permissions on the MachineKeys folder. Also, grant needed permissions for the IIS_IUSRS group to access the folder.
Issue 4: Corrupted SSL Certificate
A corrupted SSL certificate can cause SSL handshake failures.
So, backup the existing certificate. Then, replace it with a self-signed certificate and test if the site works over HTTPS. If it does, the original certificate was corrupted and needs to be replaced.
Issue 5: Incorrect SSL Configuration in HTTP.sys
SSL will work only if the HTTP.sys SSL configuration includes the certificate hash and certificate store name for the “IP:Port” pair the client is connecting to. Incorrect configuration will cause SSL negotiation to fail.
We can fix this by using the `netsh http` command to configure the SSL certificate hash and appid for the specific IP:Port pair.
By trying these fixes, we will be able to resolve the “ERR_SSL_PROTOCOL_ERROR” issue and ensure the IIS Express environment runs smoothly with Visual Studio.
[Need assistance with a different issue? Our team is available 24/7.]
Conclusion
In brief, our Support Experts demonstrated how to fix ERR_SSL_PROTOCOL_ERROR in IIS Express for Visual Studio Projects.
0 Comments