I am creating an ASP.NET web application and currently running it with Visual Studio's built in IIS Express. It normally starts up on localhost and runs just fine. However, one of the external API's I'm calling requires the callback of my application redirect to 127.0.0.1 instead of localhost (it uses the OAuth2 flow for authentication). I realize localhost is just an alias for 127.0.0.1 but for some reason I cannot get my application to run on 127.0.0.1.

I have gone into the project settings under the "Web" tab and changed Start Action > Start URL and Servers > Project URL both to http://127.0.0.1:25436 and even went into IIS Express's applicationhost.config and changed the bindings from this:

<bindings>
    <binding protocol="http" bindingInformation="*:25436:localhost" />
    <binding protocol="https" bindingInformation="*:44300:localhost" />
</bindings>

to this:

<bindings>
    <binding protocol="http" bindingInformation="*:25436:127.0.0.1" />
    <binding protocol="https" bindingInformation="*:44300:127.0.0.1" />
</bindings>

I even tried putting the IP before the port like 127.0.0.1:25436: as suggested by another article I read to solve this problem.

When I start the project I get this problem:

I can't figure out how to get around this. Please help!

For the sake of future generations -

HTTPS on your local pc requires a certificate. Usually something called a "Self signed certificate" is enough. IIS Express usually creates one for you the first time it's installed.

Windows Start > type "mmc". File > Add snap-in > Certificates > Add > Computer account > Next/Finish/OK Enter the "Certificates" section > Personal > Certificates You should see an IIS Express Certificate.

If not, you need to re-install IIS Express and it will add a new certificate for you.

Double-click the IIS Express certificate and scroll down to the Thumbprint Field. Copy the entire thumbprint into an editor and remove all spaces. (you can simply do a search&replace " " and replace by "") (see attached image) Now, with the CMD open with Admin rights, run this:

netsh http add sslcert ipport=0.0.0.0:44300 certhash=0000000000003ed9cd0c315bbb6dc1c08da5e6 appid={00112233-4455-6677-8899-AABBCCDDEEFF} 

• As far as I know, the appid isn't critical.
• Make sure you add the correct https port number.
• Make sure you didn't add hidden characters or else this will fail.

Now, as a last step, you need to drag this certificate to the "Trusted Root Certification..." section.

Done.

Two possible options to get rid of this issue

1. Use Self Sign certificiate

2. Remove domain security policy: Steps for Chrome -

   1. Go to : chrome://net-internals/#hsts
   2. Query HSTS/PKP domain for localhost
   3. Use Delete domain security policies option to delete configuration for localhost

I encountered a version of this today, and the answer I found to prove fruitful was over at https://aboutssl.org/fix-google-chrome-error-err_ssl_protocol_error/.

"If the SSL State is not cleared, it might block SSL connection and cause the SSL Connection Error. Follow the steps below to clear the SSL state.

Go to Start Menu > Control Panel > Network and Internet > Network and Sharing Center Now click on Internet Options from the bottom-left corner. A new Internet Properties window will appear. Now move to the Content tab and click on Clear SSL State. “The SSL cache was successfully cleared” alert should be on your screen.

Again, restart Chrome and check if ERR_SSL_PROTOCOL_ERROR is still there."

I found the solution to this problem even easier. suitable for Windows 11. Control Panel >> Network and Internet >> Network and Sharing Management Center >> in the lower left corner of the "Browser Options" >> Advanced tab >> Check the box for the "SSL 3.0" certificate