SALES: 1-800-867-1380

Create a Service Certificate for Azure

Updated: November 13, 2013

You may need different types of certificates depending on the type of application that you develop for Windows Azure. For example, you might have a need for the following:

  • Creating a Personal Information Exchange certificate. A Personal Information Exchange certificate that is issued by a signing authority and verifies the authenticity and security of the hosted service (can be a self-signed certificate for testing purposes). The format of this certificate uses a .pfx extension. This type of certificate is used as a service certificate and is needed for creating a remote desktop connection.

  • Obtaining the thumbprint for a certificate. The thumbprint is used to identify the certificate for authenticating operations performed in a hosted service.

For more information about certificate usage in Windows Azure, see Manage Certificates.

You can use the Certificate Manager to export a Personal Information Exchange formatted certificate. You can also export this format from the Internet Information Services (IIS) Manager. When you export the certificate to the .pfx format, you must know the password for the private key. For more information about importing and exporting certificates, see Import or export certificates and private keys.

  1. Open the Certificate Manager snap-in for the management console by typing certmgr.msc in the Start menu textbox.

  2. If you used the procedure that includes using the makecert program to create a certificate, the new certificate was automatically added to the personal certificate store. If your certificate is not listed under Personal Certificates, import your X.509 certificate.

  3. Export the certificate by right-clicking the certificate in the right pane, pointing to All Tasks, and then clicking Export.

  4. On the Export Private Key page, ensure that you select Yes, export the private key.

  5. Finish the wizard.

If you are using Internet Information Services (IIS) Manager to manage certificates, you can export a .pfx formatted version.

  1. Open the Internet Information Services (IIS) Manager by typing inetmgr in the Start menu textbox.

  2. In the Connections pane, select your server. In the IIS section of the center pane, double-click Server Certificates.

  3. Right-click the certificate in the center pane, and then click Export.

  4. Select the location for the file, enter the name for the file, and enter the password for the private key.

  5. Click Ok.

The thumbprint of the certificate is required for some operations involved with service authentication. You can obtain the thumbprint of a certificate by using the Certificate Manager or the Internet Information Services (IIS) Manager.

  1. Open the Certificate Manager snap-in for the management console by typing certmgr.msc in the Start menu textbox.

  2. Ensure that your certificate has been imported.

  3. Expand Personal, click Certificates, right-click the certificate in the list, and then click Open.

  4. Click Details, and then locate the Thumbprint property and value in the list.

    noteNote
    The thumbprint in Certificate Manager contains spaces and lowercase characters. You must remove the spaces and convert the characters to uppercase when using the thumbprint in the service model or when encrypting a password for a remote desktop connection.

  1. Open the Internet Information Services (IIS) Manager by typing inetmgr in the Start menu textbox.

  2. In the IIS section of the center pane, double-click Server Certificates.

  3. Select the certificate in the center pane, and then click View in the Actions pane.

  4. Click Details, and then locate the Thumbprint property and value in the list.

See Also

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft