Create a Self-Signed Certificate For Use With Provider Hosted Add-in In SharePoint Server 2016

When we are developing highly-trusted Provider Hosted Add-ins, we will be using a self-signed certificate for Add-in authentication. However, in production, we will have to use a third-party provided trust certificate and self-signed certificate is not really an option. In this blog, let’s see how to generate the self-signed certificate for use with Provider Hosted add-in development.
 
Spin up IIS Manager and select ‘Server Certificates’.

Server

Click on "Create Self-Signed Certificate" from the right window pane.

Server

Specify a name for the certificate.

Server

Click on OK. It will create the certificate which will be listed in the Server Certificates. Right click the certificate and click on Export.

Server

Specify the export location and the password. This will export a ‘.pfx’ file in the specified location.

Server

Now, we have to generate the ‘.cer’ file. Double click the recently created certificate. From the details section, click on ‘Copy to File’.

Server

Choose not to export the Private key and click on Next.

Server

Specify the export location.

Server

This will generate a .cer file in the export location.

Server

Now, whenever we are creating a High Trust Provider Hosted add-in, we can use this certificate (.pfx file) for add-in authentication, as shown below.

Server

Summary

Thus, we learned how to create a self-signed certificate for use with Provider Hosted add-in, in SharePoint Server 2016.