I apologize for any potential silliness somewhere - this is my first time trying to work with HTTPS, and although I have a basic understanding of what it is, I'm still quite lost in the nuances.
I'm trying to experiment with developing my own API application, using the ASP.NET Web API template in Visual Studio.
As far as I understand, either Kestrel or Visual Studio itself generated a certificate for localhost on the first launch, which I successfully approved, and my application opens through a secure connection at localhost:7191, the default HTTPS port for projects in VS using this template.
However, remote connections, whether it's an AJAX request from an external site (I'm using my hosting, which has its own certificate purchased from the hosting provider) - return ERR_CERT_COMMON_NAME_INVALID, indicating that the certificate is issued for localhost and not for a specific IP address like xx.xx.xx.xx. Simply typing the address into the browser's address bar - of course, results in the same error.
Yes, I understand that you can "open it anyway" (but not in the case of a script request) or use HTTP - but that's not interesting.
And I'm not quite sure what I need to do.
I changed the A record for one of my domains with a purchased certificate to the IP address of my computer where the VS project is running - nothing changed.
I generated .pem and .pfx files using OpenSSL for my IP address and tried to integrate them into my code in several ways, following the advice of ChatGPT - like using UseCertificateForwarding(); and context.Connection.ClientCertificate; or by forcibly setting "sslCert": "certificate.pfx" in launchSettings.json in the HTTPS settings - but since this is my first time trying HTTPS, it's hard for me to ask the right question without fully understanding how it works.
In any case, these attempts apparently didn't work, because every access to the address shows the localhost certificate and ERR_CERT_COMMON_NAME_INVALID regardless of my attempts.
Am I just connecting the certificates incorrectly?Can I actually get a certificate for connecting to an IP address instead of a domain?If not, was the idea of connecting a domain the right one?Then, is there a certificate somewhere in Visual Studio or Kestrel settings that is being used - this very one for localhost?Or do I even understand this incorrectly?
Thanks!