Azure AD App Registration certificate credentials - What should the certificate common name be?

When using a certificate for authentication to Microsoft Identity Platform, are there specific details required for the certificate? Does Azure AD actually verify if the common name matches the server?

If my app registration is for a web app, could I just re-use the same SSL certificate that's used for the HTTPS binding?

For a daemon app, I guess the common name should be the hostname FQDN?



Solution 1:[1]

No, Azure AD does not verify a match between the certificate CN and the host name. Also:

  1. A 2048-bit size is highly recommended for the best combination of security and performance.
  2. It must use the RSA cryptographic algorithm.
  3. It can be signed with the SHA256, SHA384 or SHA512 hash algorithms.
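
Added example (not from the answer above or from Microsoft): a POSIX shell check that verifies a certificate against the three requirements the answer lists before it is uploaded to an app registration, and deliberately ignores the CN, since Azure AD does not match it against any host name. It assumes only that the `openssl` command line tool is installed; the recommended 2048-bit size is treated as a minimum, and the two generator functions produce constructed sample certificates (one compliant RSA, one non-compliant EC) so the check can be exercised offline.

```shell
#!/bin/sh
set -eu

# Return 0 if the certificate meets the three requirements, else print why and return 1.
check_azure_ad_cert() {
    cert="$1"
    text=$(openssl x509 -in "$cert" -noout -text)

    # 1. The key must be RSA.
    case "$text" in
        *"Public Key Algorithm: rsaEncryption"*) ;;
        *) echo "FAIL: public key is not RSA"; return 1 ;;
    esac

    # 2. 2048 bits is the recommended size; this check treats it as the minimum.
    bits=$(printf '%s\n' "$text" | sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p' | head -n 1)
    [ "${bits:-0}" -ge 2048 ] || { echo "FAIL: RSA key is only ${bits:-?} bits"; return 1; }

    # 3. The signature hash must be SHA256, SHA384 or SHA512 (first occurrence is the TBS field).
    sig=$(printf '%s\n' "$text" | sed -n 's/.*Signature Algorithm: \(.*\)/\1/p' | head -n 1)
    case "$sig" in
        sha256WithRSAEncryption|sha384WithRSAEncryption|sha512WithRSAEncryption) ;;
        *) echo "FAIL: signature algorithm '$sig' is not allowed"; return 1 ;;
    esac

    echo "OK: RSA $bits bits, signed with $sig (CN not checked)"
}

# Constructed sample: a compliant self-signed certificate. The CN is arbitrary because
# Azure AD never compares it with a host name.
make_rsa_cert() {
    openssl req -x509 -newkey rsa:2048 -sha256 -nodes -days 365 \
        -subj "/CN=example-daemon-app" -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

# Constructed sample: an EC certificate, which the check must reject (requirement 2).
make_ec_cert() {
    openssl req -x509 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -sha256 -nodes \
        -days 365 -subj "/CN=example-daemon-app" -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

# Usage: sh check_cert.sh path/to/certificate.crt
if [ -n "${1:-}" ]; then
    check_azure_ad_cert "$1"
fi
```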

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 AlfredoRevilla-MSFT