When we are developing highly-trusted Provider Hosted Add-ins, we will be using a self-signed certificate for Add-in authentication. However, in production, we will have to use a third-party provided trust certificate and self-signed certificate is not really an option. In this blog, let’s see how to generate the self-signed certificate for use with Provider Hosted add-in development.
Spin up IIS Manager and select ‘Server Certificates’.
![Server]()
Click on "Create Self-Signed Certificate" from the right window pane.
![Server]()
Specify a name for the certificate.
![Server]()
Click on OK. It will create the certificate which will be listed in the Server Certificates. Right click the certificate and click on Export.
![Server]()
Specify the export location and the password. This will export a ‘.pfx’ file in the specified location.
![Server]()
Now, we have to generate the ‘.cer’ file. Double click the recently created certificate. From the details section, click on ‘Copy to File’.
![Server]()
Choose not to export the Private key and click on Next.
![Server]()
Specify the export location.
![Server]()
This will generate a .cer file in the export location.
![Server]()
Now, whenever we are creating a High Trust Provider Hosted add-in, we can use this certificate (.pfx file) for add-in authentication, as shown below.
![Server]()
Summary
Thus, we learned how to create a self-signed certificate for use with Provider Hosted add-in, in SharePoint Server 2016.