Is it possible to run auth-server locally with hard-coded certificates, so certs don't need to be regenerated every time?
1 Answer(s)
-
0
Yes, you can run the AuthServer locally with a hard-coded certificate so that certificates do not need to be regenerated every time. Instead of using the development certificate generation method, you can provide a persistent PFX certificate file (e.g., openiddict.pfx) and its password directly in your configuration. This approach works for both local development and production scenarios.
Here’s how you can configure your AuthServer to use a specific certificate file:
public override void PreConfigureServices(ServiceConfigurationContext context) { var hostingEnvironment = context.Services.GetHostingEnvironment(); PreConfigure<AbpOpenIddictAspNetCoreOptions>(options => { options.AddDevelopmentEncryptionAndSigningCertificate = false; }); PreConfigure<OpenIddictServerBuilder>(serverBuilder => { serverBuilder.AddProductionEncryptionAndSigningCertificate( "openiddict.pfx", // Path to your persistent certificate "YourCertificatePassword" // Certificate password ); }); }- Place your PFX file (e.g., openiddict.pfx) in a known location within your project.
- Use the same certificate and password every time you run the AuthServer locally.
- This prevents the need to regenerate certificates on each run.
This method is supported and recommended for scenarios where you want consistent credentials across restarts or deployments.
Sources:
- ABP OpenIddict Deployment
- Fixing OpenIddict Certificate Issues in IIS or Azure
- OpenIddict: Registering a Certificate
This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.
