Saturday, March 5, 2011

Up and running with IIS 7.5 Express

March 05, 2011 Posted by Jason Irwin , 6 comments

I’ve been excited to play around with IIS Express since Scott Guthrie’s announcement. I recently loaded up VS2010 SP1 and decided it was time to play around with IIS. The promise is wonderful – a  lightweight but rich version of IIS – including SSL, URL Rewrite, media support, etc. - that doesn’t require elevated privileges to run and can even run on Windows XP. 

After installing IIS Express through the Web Platform Installer things went awry. From the reading I had done on the subject it seemed like the express version would be a quick and easy alternative to the full blown IIS, but unfortunately configuration is (right now) a bit of a PITA requiring IIS Express config file editing, net shell configuration changes and quite a bit of trial and error.

I was expecting IIS Express to be a portable solution – but now see that it is going to be a bit of a pain to get configured how I like it when I move PCs or reimage my box. A certain amount of this is necessary due to the elevated privileges we need but are trying to circumvent (in my example below using well-known/reserved ports 80 and 443) but I wonder if updates to IIS Express application bindings could have been moved from the applicationhost.config file to individual websites’ web.config files allowing everything to be stored in version control systems, allowing multiple users to share said configurations and, in general, making life a little easier for everyone concerned…As things stand it is actually a lot easier – when one has admin permissions on their box – to get up and running quickly with the full blown version of IIS...

The Adventure

I immediately ran into problems using IIS Express with an ASP.NET MVC 3 application that relies on port 80 for http and 443 for https. Essentially, IIS express expects ports between 44300 (defaulting to this value) and 44399 to be used for SSL and trying to use another port, say 443, results URL binding failure…

A Great Intro to IIS Express

Too late in the process I came across the following video from MvcConf which goes over IIS Express in great detail and is a must for anyone using this tool:

Step #1 – Enable SSL in IIS Express

Add the following binding to the applicationhost.config file:

<binding protocol="https" bindingInformation="*:44300:localhost" />

Step #2 – Change SSL PORT

IIS 7.5 Express uses port 44300 by default – not 443. RequiresSSL seems to default to port 443 causing secured pages to fail loading. The following resources led me to figuring out the issue:


The following needs to be executed from the command prompt running as Administrator…

' if you already have port 443 setup, you'll need to remove your existing entry
netsh http delete sslcert ipport=
' Get SHA1 thumbprint - You will need to remove spaces
certmgr.exe /c /s /r localMachine MY
' Create a unique UUID using 
netsh http add sslcert ipport= certhash=<your SHA1 thumbprint> appid={<your UUID>}
' add access control list entry to allow port 443 to be used by IIS Express when running as non-admin user
netsh http add urlacl url=https://localhost:443/ user=everyone
' restart http service
net stop http
net start http

Step #3 – Add binding for port 80

The next two steps are essentially a rinse and repeat of steps 1 and 2, but things are a little quicker this time round since we don’t have any certificate information to figure out. Add an additional http binding in your applicationhost.config file, this time binding port 80

<binding protocol="http" bindingInformation="*:80:localhost" />

Step #4 – Add ACL entry for port 80

netsh http add urlacl url=http://localhost:80/ user=everyone

net stop http

net start http


That’s it. If you followed these steps – and made sure all instances of IIS Express have been stopped and restarted – you should now be able to use ports 443 and 80 using IIS Express. Not a whole lot of fun but you should now be able to run a pretty feature rich web server without the need to run VS as an administrator…