Authentication with Certificates
As best practice configuration it is recommended to use the combination of private key and certificate instead of client_secret. Sometimes the existing systems do not allow for this possibility, so this cannot be generalized.
To use the certificated authentication a certificate with key must be generated. OpenSSL can be sued to create these.
1.Start the openssl.exe from the command line.
2.Type in: req -x509 -newkey rsa: 4096 -keyout key.pm -out cert.pem -days 365 -nodes
The certificate and key will be created in the same folder like the installer.
To get these information a registered application is needed.
1.Login at https://add.portal.azure.com.
2.Go to Azure Active Directory and click on App registrations.
3.Click on the registered application.
4.Click on Certificates & secrets.
5.Select Certificates.
6.Upload the certificate-file that has been created.
