Category: Development

Creating developer certificates and starting Angular 4 for SSL on Windows

If you’re a developer on Windows or a.Net developer getting to grips with Angular the steps outlined will create the various certificates and get local Angular 4 running under SSL.

The main steps are as follows and you will need to have installed makecert.exe and openSSL. For us Windows users the easiest way to get OpenSSL is to use one of the binaries installer listed here

  1. Create a Developer Root CA
  2. Install the Root CA certificate into your local certificate store
  3. Generate the developer localhost SSL certificates suitable for Angular 4
  4. Run Angular project using the developer localhost SSL certificate

Create a Developer Root CA Certificate

Create a folder to work in. Then open a command or PowerShell console and navigate to this folder.

You can either use makecert.exe, which I find the simplest,  or openSSL to generate a certificate

makecert.exe -r -n "CN=DevRoot" -pe -sv DevRoot.pvk -a MD5 -len 2048 -b 01/21/2010 -e 01/21/2030 -cy authority DevRoot.cer

You will be asked to provide a password to protect the private key and two files will be created. A private key file .PVK and a Microsoft format certificate .CER

If you want to use openSSL then you can follow the instructions here


Install and trust the Root CA Certificate

In order for the browsers to trust the SSL certificate we will make in the next we need to install the Root CA Certificate we have just created into our ‘trusted Root Certificate’ store.

  1. Right-click on the CER file and select ‘Install Certificate’
  2. Select User
  3. Select the Trusted Root Certificate Authorities
  4. Click Next and Finish

All developers in you team should do this.

Generate the developer localhost SSL certificates

You can do this using makecert.exe or openSSL. You will be using the Root CA private key and certificate you created in step 1.

makecert.exe -iv DevRoot.pvk -ic DevRoot.cer -n "CN=localhost" -pe -sv dev.web.local.pvk -a MD5 -len 2048 -b 01/21/2010 -e 01/21/2020 -sky exchange dev.web.local.cer -eku

You will be prompted to enter the RootCA private key password and also to set a password for the SSL certificate private key. I chose not to set one for the new key as I could not find how to specify this later using the Angular CLI. You will now have a PVK and CER files for the SSL, but Angular CLI needs a PEM and a CRT files. Use the following command to generate the convert both files to compatible formats.

REM Convert CER to CRT openssl x509 -inform DER -in web.local.cer -out web.local.crt REM Convert PVK to PEM openssl rsa -inform pvk -in web.local.pvk -outform pem -out web.local.pem

Run Angular project with Developer SSL Certificates

Copy the PEM and CRT files to the root of your Angular 4 project.

The following Angular  4 CLI command can be used to run the project using the Developer SSL private key and certificate.

ng serve --ssl --ssl-key "web.local.pem" --ssl-cert "web.local.crt"

add a -o to open your browser too!

Additional useful command if you need a PFX file for anything

You will need to locate a copy of pvk2pfx.exe.

REM Make PFX pvk2pfx.exe -pvk web.local.pvk -spc web.local.cer -pfx web.local.pfx

Azure Active Directory – How to give a Registered Application an AD Directory Administrative Role

By default a ‘Registered Application’ account is not a member of any Directory Roles and/or group memberships and there is no easy way to make these changes using the portal. You may have an API or back-end application that will be required to perform actions on your AD that requires elevated permissions (e.g. Reset passwords or delete accounts etc..)

Normally for advanced configuration, you will need to start editing the manifest file. Luckily this has been made easy using the Portal. You can now edit the file directly, or download, make changes and then upload.

However, to make a ‘Registered Application’ a member of a ‘Directory Administrative Role’ you need to use PowerShell to add the role member to the ‘Service Principal’ (as I couldn’t find a way to do this in the manifest!).

Continue reading “Azure Active Directory – How to give a Registered Application an AD Directory Administrative Role”

Azure Active Directory Graph API Wrapper to help make it a bit easier!

I have recently been trying to program against the Azure Active Directory (AAD) using the Microsoft.Azure.ActiveDirectory.GraphClient library. Unfortunately this library literally has no useful comments to assist understanding  or clarify parameters etc.. Let alone how best to use or implement objects and methods or what and why exception may occur.

Equally the MSDN documentation seems to be lacking in any examples and really has minimal comments (although I see it’s getting a bit better…I think).

To this end I have created a ‘wrapper / handler’ to simplify all sorts of AAD interactions called AADGraphHandler. It effectively will help manage the creation of the ActiveDirectoryClient and a bunch of it’s operations. You can find this on GitHub at

You can get access to the ActiveDirectoryClient directly, and so any methods not covered yet. (e.g. Adding and removing roles to a user. Just not needed it yet!)

Continue reading “Azure Active Directory Graph API Wrapper to help make it a bit easier!”

Let’s Encrypt Extension for Azure App Services

Let’s Encrypt Extension for Azure App Services

Thanks to Simon J.K. Pedersen ( there is now a reasonably easy way to get auto-updating “Let’s Encrypt” SSL certificates in you Azure App Services using the “Azure Let’s Encrypt” Extension (

There are some very comprehensive install and setup steps here

Continue reading “Let’s Encrypt Extension for Azure App Services”

Unit Test Class ReSharper Template and Snippets for nUnit and MS Test

Quick helper boiler plates for setting up your Unit Test.

I have included ReSharper Template here that you can import directly Resharper Templates. Also thanks you to Alessandro Aeberli for making the these Visual Studio Snippets

After importing the ReSharper Templates then you can use ‘uTestBoiler’ or ‘uTestnUnitBoiler’ shortcuts to add the code below into any test class.

If you want to make your own snippets you can use the Visual Studios Snippet Manager by following the instructions here

Continue reading “Unit Test Class ReSharper Template and Snippets for nUnit and MS Test”