Gonna preface this with saying that all of what I describe below is completely out of my comfort zone. I know absolutely nothing about how this stuff works, I only know that it does work.
When running IIS Express through Visual Studio 2022, I routinely (every ~4h) have to re-run the following script, and then drag the newly-generated certificate into Trusted Root Certificate Authorities\Certificates in order to get my browser to recognize localhost. If I don't run the script, I simply get a standard error message indicating that my browser doesn't recognize the address I'm trying to browse to.
# port and appId are any randomly chosen port or guid
$name = 'localhost'
$port = 12345
$appId = '626feeb6-1ee1-4670-8d38-80b8139fe8ce'
Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -eq 'CN=' + $name } | Remove-Item
$thumb=(New-SelfSignedCertificate -DnsName $name -CertStoreLocation cert:\LocalMachine\My).Thumbprint.ToLower()
Invoke-Expression "netsh http delete sslcert ipport=0.0.0.0:$port"
Invoke-Expression "netsh http add sslcert ipport=0.0.0.0:$port appid='{$appId}' certhash=$thumb"
Does anyone know why I need to do this?
EDIT1:
Some more information to help debug this. Here's the output of running netsh http show sslcert ipport=0.0.0.0:$port:
And here is what certlm shows me (second tab confirms it's got the same thumbprint as the one shown above):
One obvious guess is that the certificate just expires.
You can check your cert expiration date with the following command in powershell
If they don't expire but they still stop working for you, then I am afraid we need more info. In Trusted Root Certificate Authorities\Certificates, is the old cert still there and you just replace it with the new one, or is it deleted from there in 4 hours?
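One way to gather the information this answer asks for, as an added example that is not part of the original question or answer: it reads the thumbprint bound to the port, then reports the certificate's validity dates and whether that same thumbprint is present in the trusted root stores. It assumes the port from the question's script and English-language netsh output; Get-BoundCertHash is a hypothetical helper name.

```powershell
# Added example: inspect the certificate bound to the IIS Express port.
# $port is the value used in the question's script.
$port = 12345

# Hypothetical helper: pulls the "Certificate Hash" value out of
# `netsh http show sslcert` output (assumes English-language output).
function Get-BoundCertHash {
    param([string[]]$NetshOutput)
    foreach ($line in $NetshOutput) {
        if ($line -match 'Certificate Hash\s*:\s*([0-9a-fA-F]+)') {
            return $Matches[1].ToUpper()
        }
    }
    return $null
}

$thumb = Get-BoundCertHash (netsh http show sslcert "ipport=0.0.0.0:$port")
if (-not $thumb) {
    Write-Warning "No SSL binding found for 0.0.0.0:$port"
    return
}

# The binding only stores a hash; the certificate itself lives in LocalMachine\My.
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Thumbprint -eq $thumb }
if (-not $cert) {
    Write-Warning "Binding points at $thumb, but it is not in LocalMachine\My"
    return
}

$now = Get-Date
[pscustomobject]@{
    Thumbprint    = $cert.Thumbprint
    Subject       = $cert.Subject
    NotBefore     = $cert.NotBefore
    NotAfter      = $cert.NotAfter
    Expired       = $now -gt $cert.NotAfter
    NotYetValid   = $now -lt $cert.NotBefore
    # A self-signed cert is trusted only if the same thumbprint is in a Root store.
    InMachineRoot = Test-Path "Cert:\LocalMachine\Root\$thumb"
    InUserRoot    = Test-Path "Cert:\CurrentUser\Root\$thumb"
} | Format-List
```

Running it once right after the script and again when the browser error returns shows whether the binding, the validity window, or the root-store entry is what changed.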