SharePoint Pals
 | Sign In
Certificate used while creating a Provider Hosted Application in SharePoint 2013
by Sathish Nadarajan 25 Mar 2014
SharePoint MVP
Today  :   5     Total  :    14427

In the article, we saw the step by step approach to create a provider hosted application. But on that, while creating an app from visual studio, we are giving a certificate and an Issuer ID. I thought of explaining it to the community for a long time. But we forgot and moved to other areas. Now, it’s time to look in to that.

I request the readers to have a look on the above mentioned article to make sure that we are on the same track.

A quick walk through is, on the step number 5, we need to provide a pfx file and an issuer ID.


This issuer ID will be added automatically on the web.config of our provider hosted application. The steps to create and make use of this are as follows.

1. Create a Self Signed Certificate from InetMgr. Please refer here.

2. Export the certificate and create the PFX with a password.

3. Now, we need to create the Issuer ID.

To create Issuer ID, go to the Appregnew.aspx page. The full URL will be something like, https://MyServer/sites/MySiteCollection/_layouts/15/Appregnew.aspx.


Once, we give the IssuerID, the web.config of the app will looks like

 <add key="ClientSigningCertificatePath" value="C:\MyCertificate.pfx"/>
 <add key="ClientSigningCertificatePassword" value="****"/>
 <add key="IssuerId" value="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx"/>

4. Register the Issuer ID to create a new Trusted Identity Token Issuer using the PowerShell script.

5. The following script will do that.

 //Registering a Issuer ID 1dfc02bc-ff74-4604-b295-b58860cba1f9
 Add-PSSnapin "Microsoft.SharePoint.PowerShell"
 $issuerID = " xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx "
 $targetSiteUrl = "https://MyWebApplication:3000/sites/DeveloperSite/"
 $targetSite = Get-SPSite $targetSiteUrl
 $realm = Get-SPAuthenticationRealm -ServiceContext $targetSite
 $registeredIssuerName = $issuerID + '@' + $realm
 $publicCertificatePath = "C:\Certs\MyCert.cer"
 $publicCertificate = Get-PfxCertificate $publicCertificatePath
 Write-Host "Create Security token issuer"
 $secureTokenIssuer = New-SPTrustedSecurityTokenIssuer -Name $issuerID -RegisteredIssuerName $registeredIssuerName -Certificate $publicCertificate -IsTrustBroker
 $secureTokenIssuer | select *
 $secureTokenIssuer  | select * | Out-File -FilePath "SecureTokenIssuer.txt"
 #Turn off the HTTPS requirement for OAuth during development
 $serviceConfig = Get-SPSecurityTokenServiceConfig
 $serviceConfig.AllowOAuthOverHttp = $true
 Write-Host "All done..."

Happy Coding.

Sathish Nadarajan.

blog comments powered by Disqus

SharePoint Pals

SharePoint Pals, a community portal for SharePoint developers, Administrators and End Users. Let's join hands and share the point together.
Read this on mobile


Angular Js Training In Chennai
Advanced Angular Js training with real world developer scenarios
Angular Js, Web Api and Ionic for .Net Developers
All in one client side application development for .Net developers
Angular Js For SharePoint Developers
Get ready for the future. Its no more just C#

Get Connected

SharePoint Resources

SharePoint 2013 and 2010 Web Parts
Free Web Parts with Source Code for SharePoint Community

SharePoint 2013 Books and Tutorials
Collection of free SharePoint 2013 books and tutorials (eBooks, pdfs)

Supported By

Contribute your article and be eligible for a one month Free Subscription for Plural Sight. The Author of the most popular New Article (published in the previous month) will be awarded with a Free One month Plural Sight Subscription. Article can be sent to in a word document.

Related Resources

Recent Tweets

Twitter October 23, 22:21
How to Add/Remove User Custom Actions (in Site Actions Menu) Programmatically using CSOM PNP in SharePoint -

Twitter October 21, 21:34
How to Add a JS Link Reference to the Display Form or Any other ASPX Programmatically using CSOM PNP in SharePoint -

Twitter October 20, 13:01
How to Add a JS Link Reference to the NewForm and EditForm Programmatically using CSOM PNP in SharePoint Office 365-

Twitter October 12, 12:15
How to Deploy Provider Hosted Apps (Add-Ins) by App Stapling in SharePoint Office 365 -

Twitter October 11, 13:39
How to Deploy Provider HostedApp programmatically using CSOM in SharePoint Office 365 Activating Developer Feature -

Follow us @SharePointPals
Note: For Customization and Configuration, CheckOutRecent Tweets Documentation