Merge pull request #92114 from FrankHu-MSFT/patch-70

PRMerger8 · web-flow · commit 77b10c38c5d6 · 2019-11-01T19:09:33.000-07:00
(AzureCXP) Add Note regarding X5T
diff --git a/articles/active-directory/develop/active-directory-certificate-credentials.md b/articles/active-directory/develop/active-directory-certificate-credentials.md
@@ -130,4 +130,7 @@ In the Azure app registration for the client application:
    
 ## Code sample
 
+> [!NOTE]
+> You must calculate the X5T header by using the certificate's hash and  converting it to a base64 string. In C# it would look something similar to that of : `System.Convert.ToBase64String(cert.GetCertHash());`
+
 The code sample on [Authenticating to Azure AD in daemon apps with certificates](https://github.com/Azure-Samples/active-directory-dotnet-daemon-certificate-credential) shows how an application uses its own credentials for authentication. It also shows how you can [create a self-signed certificate](https://github.com/Azure-Samples/active-directory-dotnet-daemon-certificate-credential#create-a-self-signed-certificate) using the `New-SelfSignedCertificate` Powershell command. You can also take advantage and use the [app creation scripts](https://github.com/Azure-Samples/active-directory-dotnet-daemon-certificate-credential/blob/master/AppCreationScripts/AppCreationScripts.md) to create the certificates, compute the thumbprint, and so on.
