![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 24%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,664 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
@JcAubrun Thank you for reaching out to us. As I understand you are looking for a Azure Certificate as a Service which can act like Root CA ( something like a on-premise certificate authority ), researched on this unfortunately we don't have any such service which can provide the functionality which you are looking for.
As Jimmy mentioned above you use Azure AD certificate-based authentication (CBA) which allows users to authenticate directly with X.509 certificates against Azure Active Directory (Azure AD) for applications and browser sign-in.
Reference: Azure AD certificate-based authentication
Also you can share product suggestions on the Entra (Azure AD) forum which is monitored closely by our product group team.
Let me know if you have any further questions, please feel free to post back.
Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.
