You need to install a certificate for your URL to the server and bind it to the application in IIS. You can purchase one or try to get one free from Let's Encrypt - Free SSL/TLS Certificates
You can generate a self-signed certificate on the server, but that will show to users as an invalid certificate, so there's no point to that outside of testing.
You will not be able to provide SSL/TLS until you have done this.
This also is not a code issue, this is an operational one. Changes to code will not help you here.