We're trying to set up a generic SSO solution, and we want it to work with Azure ADFS.

The requirement that's causing the problem is that we need the SSO provider to use our own certificate, not one generated by the provider itself (in this case, Azure).

The documentation we've found on Azure for this is here -

https://learn.microsoft.com/en-us/azure/active-directory/active-directory-sso-certs

But this only goes into detail on how to manage the Azure certificates themselves, not how to use a different certificate entirely.

Does anyone know if it's possible to make Azure ADFS SSO use a custom certificate, or does it only work with certificates generated by Azure itself?

Jamie Burns

2 Answers

If you are talking about the certificate to sign tokens sent to the 3rd party, no, that would break security.

Just wondering, where does ADFS fit in?

rbrayb

If you're asking "Can I use a third-party certificate authority like GoDaddy or Digicert?", the answer is yes. If you click on your app service -> SSL Settings, you'll notice a FAQ link at the top. Here are the three links there, and hopefully one of them will answer your question:

  1. Bind an existing custom SSL certificate to Azure Web Apps
  2. App Service Certificates now supports public certificates (.cer)
  3. Use an SSL certificate in your application code in Azure App Service
David Yates