Try Microsoft Edge
A fast and secure browser that's designed for Windows 10
I am setting up UAT environment for on prem. For the deployment, one runs many scripts and these scripts create self signed certificates and then the thumbprints are you used later on.
I was just wondering what would I do for production? We definitely can not use self signed as they expire after a year.
So where do I get certificates from? and how do i deal with them as currently certificates do the job.
Any help will be highly appreciated.
I found out below article from Sohaib, it gives the details about how to increase expiry date but I still have a question. What if I use Self signed certificates for production environment, what will be the problem?
Microsoft has recommended few names of certificate providers for production system. You can buy from certificate providers for your production instances. The purchased certificates thumbnails can be added in configuration file of prod, so rather than recreating those it will use the existing (purchased ones)
For UAT or sandBox, by default it generates for 1 year, i don't like that personally 1 year time and then it will prompt me for expiry after one year. For my UAT or sandboxes, i usually increase the timing from 1 year to my preferred time.
Sohaib ! What about the production? What is wrong with using self signed cert on prod?
Simple it is not recommended from Microsoft for prod.
Otherwise technically, it would not stop you from doing installation. even with your self signed certificates it should allow you to do installation of prod.
I have seen prod installations with self-signed certificates, in some countries.
I am not a decision maker here :) so, it is the decision of individual organization, how they want to proceed with installation of prod. May be some organization can be super rich to buy certs for UAT also. so its kind of personal decision. If you want to hear Microsoft Recommendation, they would say buy those from a authentic cert provider.
I've asked the question to our FastTrack liaison, and his answer:
Doesn't answer the question. For PROD I will need to provide the client with a robust and verified procedure for renewing them.
Have you been able to find out procedure to update thumbprints of expired certificates ?
Business Applications communities