web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Finance | Project Operations, Human Resources, ... / Self signed certificat...
Finance | Project Operations, Human Resources, ...
Suggested Answer

Self signed certificates and PPAC

(5) ShareShare
ReportReport
Posted on by Koopman 20
With the PPAC provisioning of Finance and Operations Apps how would you go about adding a self signed certificate to your sandbox if you can't access the AOS and run certutil?

Independent software vendor (ISV) licensing - Finance & Operations | Dynamics 365 | Microsoft Learn

Categories:
Dynamics 365 Finance
I have the same question (0)
  • Suggested answer
    Saif Ali Sabri Profile Picture
    Saif Ali Sabri 2,351 Super User 2025 Season 2 on at

    Adding a Self-Signed Certificate to a Finance and Operations Sandbox Without AOS Access

    Since you don't have direct AOS access to run certutil, you need to use Microsoft Power Platform Admin Center (PPAC) and LCS (Lifecycle Services) to manage certificates. Below is the step-by-step process to add a self-signed certificate:

    1. Generate a Self-Signed Certificate

    Since you cannot run certutil on the AOS, generate the certificate locally on your machine:

    Using PowerShell (on your local machine)

     
    powershell
    $cert = New-SelfSignedCertificate -DnsName "yourdomain.com" -CertStoreLocation "Cert:\CurrentUser\My"
    Export-PfxCertificate -Cert "Cert:\CurrentUser\My\$($cert.Thumbprint)" -FilePath "C:\Temp\SelfSignedCert.pfx" -Password (ConvertTo-SecureString -String "YourSecurePassword" -Force -AsPlainText)
    • Replace "yourdomain.com" with your sandbox domain (or use *.cloudax.dynamics.com for wildcard).
    • This will generate a .pfx certificate file in C:\Temp.

    2. Upload Certificate to LCS for Sandbox Environment

    1. Go to Lifecycle Services (LCS): https://lcs.dynamics.com/
    2. Select your project and navigate to "Environment details" of your sandbox.
    3. Scroll down to "Manage Service Fabric Certificates".
    4. Click "Upload certificate" and provide:
      • The .pfx file you generated.
      • The certificate password.
      • The certificate purpose (e.g., SSL).
    5. Click Upload and wait for deployment (may take a few minutes).

    3. Configure the Certificate in Power Platform Admin Center (PPAC)

    1. Go to PPAC: https://admin.powerplatform.microsoft.com/
    2. Navigate to Environments and select your Finance and Operations sandbox.
    3. Under Settings > Identity and access, check if the certificate is required for authentication.
    4. Add the certificate if necessary under "Certificates & secrets".

    4. Verify the Certificate

    Once uploaded:

    • Test secure connections from your local machine to the sandbox.
    • If required, update Azure Key Vault with the certificate reference.

    Alternative: Use Azure Key Vault (Recommended)

    If managing certificates manually is a challenge, consider using Azure Key Vault for secure storage:

    1. Upload the certificate to Azure Key Vault.
    2. Use Azure App Registration to allow sandbox environments to access it.
    3. Update the sandbox to use Key Vault references instead of manually managing .pfx files.

    Summary

    ✔ Generate a self-signed certificate locally using PowerShell
    ✔ Upload it to LCS under "Manage Service Fabric Certificates"
    ✔ Configure in PPAC if needed
    ✔ Verify access and test secure connections
    ✔ (Optional) Use Azure Key Vault for better management

    This method ensures your certificate is properly installed without requiring direct AOS access.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Finance | Project Operations, Human Resources, AX, GP, SL

#1
Abhilash Warrier Profile Picture

Abhilash Warrier 669 Super User 2025 Season 2

#2
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 449 Super User 2025 Season 2

#3
Martin Dráb Profile Picture

Martin Dráb 384 Most Valuable Professional

Last 30 days Overall leaderboard

Featured topics

End-of-life Announcement for Microsoft Dynamics GP

Product updates

Dynamics 365 release plans