You need to install a certificate for your URL to the server and bind it to the application in IIS. You can purchase one or try to get one free from
Let's Encrypt - Free SSL/TLS Certificates[
^].
You can generate a self-signed certificate on the server, but that will show to users as an invalid certificate, so there's no point to that outside of testing.
You will not be able to provide SSL/TLS until you have done this.
This also is not a code issue, this is an operational one. Changes to code will not help you here.