When we are developing highly-trusted Provider Hosted Add-ins, we will be using a self-signed certificate for Add-in authentication. However, in production, we will have to use a third-party provided trust certificate and self-signed certificate is not really an option. In this blog, let’s see how to generate the self-signed certificate for use with Provider Hosted add-in development.
Spin up IIS Manager and select ‘Server Certificates’.
Click on "Create Self-Signed Certificate" from the right window pane.
Specify a name for the certificate.
Click on OK. It will create the certificate which will be listed in the Server Certificates. Right click the certificate and click on Export.
Specify the export location and the password. This will export a ‘.pfx’ file in the specified location.
Now, we have to generate the ‘.cer’ file. Double click the recently created certificate. From the details section, click on ‘Copy to File’.
Choose not to export the Private key and click on Next.
Specify the export location.
This will generate a .cer file in the export location.
Now, whenever we are creating a High Trust Provider Hosted add-in, we can use this certificate (.pfx file) for add-in authentication, as shown below.
Summary
Thus, we learned how to create a self-signed certificate for use with Provider Hosted add-in, in SharePoint Server 2016.