If used solely as a secret, there aren't that many disadvantages. It's mainly around the lifecycle of the certificate itself, and being able to enforce some policy in terms of key strength, validity, etc.
App registration certificate authentication
I am looking for any official documentation on best practices related to using self-signed certificates for app registration authentication.
Since the issuer is not validated, it is not clear that there are any disadvantages to using a self-signed certificate.
Does anyone know of any official guidance on this matter?
Thanks!
Microsoft Security | Microsoft Entra | Microsoft Entra ID
Vasil Michev 123K Reputation points MVP Volunteer Moderator
2024-10-23T07:20:04.5666667+00:00
1 additional answer
Bandela Siri Chandana 3,065 Reputation points Microsoft External Staff Moderator
2024-10-23T07:11:20.9666667+00:00
Hi @ritmo2k
Thank you for posting your query on Microsoft Q&A.
I understand that you are looking for official documentation on best practices related to using self-signed certificates for app registration authentication.
Follow this documentation: Create a self-signed public certificate to authenticate your application
Since the issuer is not validated, self-signed certificates are considered unsafe for public-facing websites and applications.
Hope this helps. Do let us know if you have any further queries.
If this answers your query, do click `Accept Answer` and `Yes` for "Was this answer helpful". And, if you have any further query, do let us know.
Thanks,
B. Siri Chandana.
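
Added example (not part of either answer or of Microsoft's documentation): a PowerShell check for the lifecycle and policy points raised in this thread, key strength and validity, to run against a certificate before it is uploaded as an app registration credential. The function name `Test-AppCertPolicy` and the thresholds are assumptions chosen for illustration, and the sample certificate is constructed in memory.

```powershell
# Added example. Thresholds are assumed sample policy values, not Microsoft guidance.
function Test-AppCertPolicy {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [int]$MinRsaBits = 2048,
        [int]$MaxValidityDays = 365,
        [int]$ExpiryWarningDays = 30
    )
    $findings = [System.Collections.Generic.List[string]]::new()

    # Key strength: only RSA keys are evaluated here.
    $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($Certificate)
    if ($null -eq $rsa) {
        $findings.Add('Key is not RSA; key strength not evaluated by this check')
    } elseif ($rsa.KeySize -lt $MinRsaBits) {
        $findings.Add("RSA key is $($rsa.KeySize) bits; policy minimum is $MinRsaBits")
    }

    # Signature algorithm OIDs: md5RSA, sha1RSA, ecdsa-with-SHA1.
    $weakSigOids = '1.2.840.113549.1.1.4', '1.2.840.113549.1.1.5', '1.2.840.10045.4.1'
    if ($Certificate.SignatureAlgorithm.Value -in $weakSigOids) {
        $findings.Add("Weak signature algorithm: $($Certificate.SignatureAlgorithm.FriendlyName)")
    }

    # Validity: total lifetime, then time remaining until expiry.
    $lifetime = ($Certificate.NotAfter - $Certificate.NotBefore).TotalDays
    if ($lifetime -gt $MaxValidityDays) {
        $findings.Add("Lifetime is $([math]::Round($lifetime)) days; policy maximum is $MaxValidityDays")
    }
    $remaining = ($Certificate.NotAfter - (Get-Date)).TotalDays
    if ($remaining -lt 0) {
        $findings.Add("Certificate expired on $($Certificate.NotAfter.ToString('u'))")
    } elseif ($remaining -lt $ExpiryWarningDays) {
        $findings.Add("Expires in $([math]::Floor($remaining)) days; rotate the credential")
    }

    [pscustomobject]@{
        Thumbprint = $Certificate.Thumbprint
        SelfSigned = $Certificate.Subject -eq $Certificate.Issuer   # subject equals issuer
        Compliant  = $findings.Count -eq 0
        Findings   = $findings
    }
}

# Constructed sample: a 3-year self-signed RSA-2048 certificate built in memory.
$key = [System.Security.Cryptography.RSA]::Create(2048)
$req = [System.Security.Cryptography.X509Certificates.CertificateRequest]::new('CN=constructed-sample-app', $key, [System.Security.Cryptography.HashAlgorithmName]::SHA256, [System.Security.Cryptography.RSASignaturePadding]::Pkcs1)
$sample = $req.CreateSelfSigned([DateTimeOffset]::UtcNow, [DateTimeOffset]::UtcNow.AddYears(3))
Test-AppCertPolicy -Certificate $sample | Format-List
```

With the assumed 365-day maximum, the constructed sample is reported as non-compliant on lifetime only; the same function accepts a certificate loaded from a `.cer` file or a certificate store.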