aspnetcore/breaking-changes/7/https-binding-kestrel.md
The default HTTPS address and port have been removed from Kestrel in .NET 7. This change is part of dotnet/aspnetcore#42016, which will improve the overall developer experience when dealing with HTTPS.
ASP.NET Core 7.0
Previously, if no values for the address and port were specified explicitly but a local development certificate was available, Kestrel defaulted to binding to both http://localhost:5000 and https://localhost:5001.
Users must now manually bind to HTTPS and specify the address and port explicitly, through one of the following means:
ASPNETCORE_URLS environment variable--urls command-line argumenturls host configuration keyHTTP binding is unchanged.
This change affects binary compatibility.
The previous eager-binding behavior occurs without regard to the configured environment and can lead to a poor developer experience when the certificate has not yet been trusted (that is, trusted as root certificate authority because it's self-signed). Clients often produce a poor user experience when hitting an HTTPS endpoint with an untrusted certificate. For example, they might fail silently or show an error or warning screen that alarms the user.
If you weren't using the default https://localhost:5001 binding, no changes are required. However, if you were using this binding, see Configure endpoints for the ASP.NET Core Kestrel web server to learn how you can update your server to enable HTTPS.
N/A