Search code examples
asp.net-coressl.net-coreiis-express

Visual Studio 2019 - IIS Express - The connection was reset (ERR_CONNECTION_RESET)

I have created a new ASP.NET Core MVC project in Visual Studio 2019 with the HTTPS enabled option checked. When I run the project with IIS Express, the webpage says 'The Connection was reset'.

When I first enabled the SSL for the project and started in debug mode the visual studio prompted me to trust the self-signed certificate and I clicked on Yes. But still, in browser the site is not opening and the error "The connection was reset" is being displayed.

The application is running on port 44300.

This is a fresh installation of Windows 10 and Visual Studio 2019.

I verified that the self-signed certificate generated by IIS is present in the certificate store (Refer screenshot). Also, the certificate is present in the Trusted Root Certification Authorities of the Edge Chromium and Google Chrome browsers as well.

Certificate in MMC

  • I created a new project to ensure that there weren't any errors within my config or build files. When I run the new project, I get the same result.

  • I tried with other browsers as well, but still the same error.

  • I repaired the Visual Studio using the Visual Studio Installer, and reset everything to default, and had no success with that.

Please advise on how to resolve this issue.

Browser error

IIS Express

Below are the reports from Jexus manager:

SSL Diagnosis Report:

IMPORTANT: This report might contain confidential information. Mask such before sharing with others.
-----
System Time: 10/19/2020 8:01:52 AM
Processor Architecture: AMD64
OS: Microsoft Windows NT 10.0.19041.0
Server Type: IIS Express

SERVER SSL PROTOCOLS

PCT 1.0: 
PCT 1.0 is not secure. OS default is used. You might explicitly disable it via registry.
SSL 2.0: 
SSL 2.0 is not secure. OS default is used. You might explicitly disable it via registry.
SSL 3.0: 
SSL 3.0 is not secure. OS default is used. You might explicitly disable it via registry.
TLS 1.0: 
TLS 1.0 is not secure. OS default is used. You might explicitly disable it via registry.
TLS 1.1: 
TLS 1.1 is not secure. OS default is used. You might explicitly disable it via registry.
TLS 1.2: 
SChannel EventLogging: 1 (hex)
To tune TLS related settings, please follow https://support.microsoft.com/en-us/kb/187498 or try out IIS Crypto from https://www.nartac.com/Products/IISCrypto/.
Microsoft documentation on cipher suites can be found at https://learn.microsoft.com/en-us/windows/desktop/secauthn/cipher-suites-in-schannel.
-----
[W3SVC/1]
ServerComment  : WebSite1
ServerAutoStart: True
ServerState    : Stopped

BINDING: http *:8080:localhost

[W3SVC/2]
ServerComment  : DemoApp
ServerAutoStart: True
ServerState    : Stopped

BINDING: http *:50682:localhost

BINDING: https *:44300:localhost
SSLCertHash: 33a6ad6b596b6d1d0a6dff64f69b9457383ff658
SSL Flags: None
Testing EndPoint: 127.0.0.1
#CertName: IIS Express Development Certificate
#Version: 3
#You have a private key that corresponds to this certificate.
#Signature Algorithm: sha256RSA
#Key Exchange Algorithm: RSA Key Size: 2048
This is not an ECC certificate, so *_ECDSA_* cipher suites cannot be used.
#Subject: CN=localhost
#Issuer: CN=localhost
#Validity: From 10/18/2020 8:39:54 AM To 10/18/2025 3:00:00 AM
#Serial Number: 167D0B2FB51D5BB54D222FDC298ACDE9
DS Mapper Usage: Disabled
Archived: False
#Key Usage: DataEncipherment, KeyEncipherment, DigitalSignature
#Enhanced Key Usage: Server Authentication (1.3.6.1.5.5.7.3.1)
#Subject Alternative Name: DNS Name=localhost
Certificate verified.

Binding Diagnosis Report:

IMPORTANT: This report might contain confidential information. Mask such before sharing with others.
-----
System Time: 10/19/2020 8:05:14 AM
Processor Architecture: AMD64
OS: Microsoft Windows NT 10.0.19041.0
Server Type: IIS Express
-----
This machine has 3 IP addresses to take external traffic.
* 172.23.176.1.
* 192.168.100.3.
* 172.25.112.1.
-----
[W3SVC/2]
ServerComment  : DemoApp
ServerAutoStart: True
ServerState: Stopped

BINDING: HTTP *:50682:localhost
No conflicting TCP reserved port range is found.
This site can take local traffic at 127.0.0.1:50682.
This site can take local traffic at [::1]:50682.
 * Web browsers should use URL http://localhost:50682. Requests must have a Host header of "localhost".
   Start DNS query for localhost.
   DNS Query returns 2 result(s).
    * [::1]
    * 127.0.0.1

BINDING: https *:44300:localhost
No conflicting TCP reserved port range is found.
This site can take local traffic at 127.0.0.1:44300.
This site can take local traffic at [::1]:44300.
 * Web browsers should use URL https://localhost:44300. Requests must have a Host header of "localhost".
   Start DNS query for localhost.
   DNS Query returns 2 result(s).
    * [::1]
    * 127.0.0.1
Binding Diagnostics does not verify certificates and other SSL/TLS related settings.
Please run SSL Diagnostics at the server level to analyze SSL/TLS configuration. More information can be found at https://docs.jexusmanager.com/tutorials/ssl-diagnostics.html.

Project Diagnosis Report:

IMPORTANT: This report might contain confidential information. Mask such before sharing with others.
-----
Scan the folder C:\Users\ragha\source\repos\DemoApp\DemoApp for project files.
1 project(s) is detected.
* DemoApp.csproj


Project file: C:\Users\ragha\source\repos\DemoApp\DemoApp\DemoApp.csproj.
IIS Express configuration file: C:\Users\ragha\source\repos\DemoApp\.vs\DemoApp\config\applicationHost.config.
Analyze ASP.NET Core project.
Visual Studio launchSettings.json: C:\Users\ragha\source\repos\DemoApp\DemoApp\Properties\launchSettings.json.
Extract debugging profiles.
Found 2 profile(s).
* IIS Express
* DemoApp


Extract IIS settings.
sslPort is 44300.
application URL is http://localhost:50682.
Binding localhost on *:50682 (HTTP).
Binding localhost on *:44300 (HTTPS).
A matching binding is found for https://localhost:44300/.
Solution

  • It turned out to be the Kaspersky Cloud Security latest update that blocked the access with localhost. I uninstalled Kaspersky and then tried, it worked fine.

    I opened a support ticket with Kaspersky and below is their response:

    This is a known bug issue from our side which will be fixed with the release of MR2 for Kaspersky 2021 version. MR2 is plan to be released on early of November. We recommend to use version 2020 until the release of MR2.