Set up IIS 7 to run a secure site locally - HTTPS

I've recently been working on a project where I needed to get a development site running using SSL on IIS 7. If its the first time you've done this it can be a little tricky, but IIS 7 has made it super easy to create self signed certificates. You may also need to be able to run your site on IIS locally instead of using cassini, so that you can still debug. These are some of the steps I took to get it up and running:

If you dont already have IIS installed on your PC, go to Control Panel -> Programs -> Programs and features and select “Turn Windows Features on or off”. Select Internet Information Services. Make sure ASP.NET is selected under World Wide Web Services -> Application Development Features.

IIS 7 settings

Go to Control Panel -> Systems and Security -> Administrative Tools -> Internet Information Services (IIS) Manager.

Select your Computer Name on the left under Connections. Now double click Server Certifcates under IIS group.


Select Create Self-Signed Certificate from the actions panel. Enter a name for your certificate. A new certificate should be added to the list with the name you just gave it.


Select a site in the tree view and click Bindings... in the Actions pane. This brings up the bindings editor that lets you create, edit, and delete bindings for your Web site. Click Add... to add your new SSL binding to the site. Select Bindings from Actions panel. Select Add and then select https for type and select the cerificate you just created for SSL certificate. Select OK.


Site Binding

The web site should now have 2 bindings, one for *.80 (http) and one for *.443 (https).

We need to go back to Visual Studio, right-click the Secure Web Site Project and select Properties. Now select the Web tab. For Servers select to use Local IIS Web Server. Set the Project Url to be https://localhost (or whatever you have named your website to be in IIS)

Visual Studio

Some browsers will display an error page because the self-signed certificate was issued by your computer, not a trusted Certificate Authority (CA). If you just click "Continue to this website", you will be redirected as normal.


Enabling 32 bit applications

I have also come across this little curveball before:

System.BadImageFormatException: Could not load file or assembly or one of its dependencies. An attempt was made to load a program with an incorrect format.


System.BadImageFormatException: is not a valid Win32 application

If you have recently deployed your application and it used to run perfectly, and then all of a sudden when running in IIS7 you get the above error, you might need to enable 32 bit applications in your application pool.

App Pool

Basically, go into your IIS 7 manager console, find the application pool your app is running in, right-click on it, go to Advanced Settings, and change the Enable 32-bit Applications setting to true:

32 Bit

Tada! Hopefully everything should be running again!