Self-signed certificates are great for testing under SSL to make sure your application works, but it's not practical for production apps as the certificate would have to be installed on every machine you'd expect to trust this certificate.

Once you go to production, especially public production you will need an 'official' certificate signed by one of the global certificate authorities.

The easiest way to do this is to purchase a full IIS certificate and install it in IIS. The IIS certificate can be used for self-hosted applications using the HttpListener so therefore it will work with a self-hosted SignalR or any HttpListener application.

Once the time comes to go live, simply register a new certificate through IIS, then use:

netsh http add sslcert

to register that certificate as shown above. A public SSL certificate, in most cases, is already recognized so no further certificate store moving is required. It should only require the netsh registration to tie it to a particular port and app Id.

If you don't have a full server certificate yet, but you'd like to test with SSL operations locally you can also use the IIS Admin interface to very easily create a self-signed certificate Here's how to do it:

• Go to the machine root of the IIS Service Manager

• Go to the Server Certificates Item in the IIS section

• On the left click Create Self-Signed Certificate

• Give it a name, and select the Personal store

• Click OK

• Job Done!

Copy the self-signed Certificate to the Trusted Root Certification Store

Once you have a self-signed certificate, you need one more step to make the certificate trusted so that HTTP clients will accept it on your machine without certificate errors. The process involves copying the certificate from the personal store to the trusted machine store. To do this:

1. From the Run Command - open Manage Computer Certificates (certlm.msc)

2. Go into Personal | Certificates and find your certificate

3. Drag and Copy (Ctrl-Drag) the certificate to Trusted Root Certification Authorities | Certificates

Although you now have a server certificate – you must now install an appropriate certificate on your clients so that they can trust the server certificate.