Jean Paul's Blog

There are 2 types of People in the World, One who Likes SharePoint and..

  • Microsoft MVP

  • MindCracker MVP

  • CodeProject MVP

  • eBook on SharePoint 2010

  • eBook on Design Patterns

  • eBook on Windows Azure

  • NLayers Framework @ CodePlex

  • MSDN Forums

  • .Net vs. Java

    Due to Public Demand
  • Advertisements

Sign the Certificate

Posted by Paul on May 8, 2015

In this article we can see how to sign a certificate. This step is essential for doing a Provider Hosted Application in SharePoint 2013.


You have to create an IIS Certificate. I hope you have gone through this step already.


Following are the steps involved:

1. Copy the Certificate

2. Sign the Certificate

Copy the Certificate

Now we have to copy the certificate and sign it.

Open the IIS > Certificates.


Double click on our certificate.


From the Details tab click on the Copy to File.. Option.


Select the default options and click the Next button.


Please note that the extension is cer.


Click the Finish button to complete the copy operation.

Sign the Certificate

Now we need to sign the certificate. We can do this using PowerShell ISE editor.

Open ISE Editor in Administrator mode.


Run the following code. (You need to change the certificate path & GUID)

Add-PSSnapin Microsoft.SharePoint.PowerShell

$certPath = “C:tempSP2013Certificate.cer”
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($certPath)
New-SPTrustedRootAuthority -Name “PHASelfSignedCertificate” -Certificate $cert

$realm = Get-SPAuthenticationRealm

$issuerId = “586bb34f-83b9-4dbe-b293-8981441bd7a8”
$issuerIdentifier = $issuerId + ‘@’ + $realm

New-SPTrustedSecurityTokenIssuer -Name “Provider hosted Self Signed Certificate” -Certificate $cert -RegisteredIssuerName $issuerIdentifier

$config = Get-SPSecurityTokenServiceConfig
$config.AllowOAuthOverHttp = $true


Signing process is required so that the SharePoint server can trust the second IIS Server which will host the PHA application. In real-world scenarios the certificate exporting & signing should be done with third-party vendors.



In this article we have explored how to sign a certificate for using in PHA application.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s