I am summarizing the steps that helped me in resolving this issue:

1. Make sure the SSL port range(used by IIS express) is between 44300-44398

During installation, IIS Express uses Http.sys to reserve ports 44300 through 44399 for SSL use. This enables standard users (without elevated privileges) of IISExpress to configure and use SSL. For more details on this refer here

2. Run the below command as administrator in Command prompt. This will output the SSL Certificate bindings in the computer. From this list, find out the certificate used by IIS express for the corresponding port :

netsh http show sslcert > sslcert.txt

3. Look for the below items in the sslcert.txt (in my case the IIS express was running at port 44300)

IP:port : 0.0.0.0:44300

Certificate Hash : eb380ba6bd10fb4f597cXXXXXXXXXX

Application ID : {214124cd-d05b-4309-XXX-XXXXXXX}

4. Also look in the IIS express management console (RUN (Ctrl+R) -> inetmgr.exe) and find if the corresponding certificate exists in the Server Certificates

(Click on the ServerRoot -> under section IIS () -> Open the Server Certificates)

5. If your localhost by default uses a different certificate other than the one listed in Step 3, continue with the below steps

netsh http delete sslcert ipport=0.0.0.0:44300

netsh http add sslcert ipport=0.0.0.0:44300 certhash=New_Certificate_Hash_without_space appid={214124cd-d05b-4309-XXX-XXXXXXX}

The New_Certificate_Hash will be your default certificate tied-up with your localhost (That we found in step 4) or the one which you want to add as a new certificate.

P.S. Thank you for your answer uosɐſ (which helped me in resolving this issue)

If you need to use a port outside of the 44300-44399 range, here's a workaround:

• Create a new site in IIS (not Express)
• Bind HTTPS to the port you need
• For SSL Certificate, choose IIS Express Development Certificate
• Once the site is created, stop it, since it doesn't actually need to be running

This registers the IIS Express Development certificate with that port and is the easiest way I've found to get around the 44300-44399 range requirement.

In my case, I created a self-signed certificate and had it working, except I was getting an error in the browser because the certificate was untrusted. So, I moved the cert into the Trusted Root Certification Authorities > Certificates folder in the Certificates snapin. It worked, and then I closed Visual Studio for the day.

The following day, I started my project and I received the error mentioned in the original question. The issue is that the certificate you configured IISExpress with must exist in the Personal > Certificates folder or HTTPS will stop working. Once IIS Express successfully starts, you can drag the cert back to the trusted location. It'll continue to work until you restart IIS Express.

Not wanting to fuss with dragging the cert back and forth every time, I just place a copy of the certificate in both places and now everything works fine.

My problem was caused by Fiddler. When Fiddler crashes it occasionally messes with your proxy settings. Simply launching Fiddler seemed to fix everything (perhaps it repairs itself somehow).

In my case I'd simply forgotten I had a binding set up for (in my case) https://localhost:44300 in full IIS. You can't have both!

To follow on to other answers about setting the SSL port between 44300 and 44399, I was unable to change the SSL Enabled property in Visual Studio, nor set a specific SSL URL. Other answers, like repairing IIS Express did not help. The solution was to go into the .vs folder parallel to the sln file, open the config subfolder, and then edit the applicationhost.config file. Then, I added the https line manually and restarted VS.

<binding protocol="http" bindingInformation="*:24941:localhost" />
                <binding protocol="https" bindingInformation="*:44301:localhost" />