You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@@ -81,16 +81,26 @@ Daemon applications can use two forms of credentials to authenticate with Azure
81
81
82
82
### Upload a certificate
83
83
84
-
You can use an existing certificate if you have one. Optionally, you can create a self-signed certificate for testing purposes. Open PowerShell and run [New-SelfSignedCertificate](/powershell/module/pkiclient/new-selfsignedcertificate) with the following parameters to create a self-signed certificate in the user certificate store on your computer:
84
+
You can use an existing certificate if you have one. Optionally, you can create a self-signed certificate for *testing purposes only*. Open PowerShell and run [New-SelfSignedCertificate](/powershell/module/pkiclient/new-selfsignedcertificate) with the following parameters to create a self-signed certificate in the user certificate store on your computer:
Export this certificate to a file using the [Manage User Certificate](/dotnet/framework/wcf/feature-details/how-to-view-certificates-with-the-mmc-snap-in) MMC snap-in accessible from the Windows Control Panel.
91
91
92
+
1. Select **Run** from the **Start** menu, and then enter **certmgr.msc**.
93
+
94
+
The Certificate Manager tool for the current user appears.
95
+
96
+
1. To view your certificates, under **Certificates - Current User** in the left pane, expand the **Personal** directory.
97
+
1. Right-click on the cert you created, select **All tasks->Export**.
98
+
1. Follow the Certificate Export wizard. Export the private key, specify a password for the cert file, and export to a file.
99
+
92
100
To upload the certificate:
93
101
102
+
1. Select **Azure Active Directory**.
103
+
1. From **App registrations** in Azure AD, select your application.
94
104
1. Select **Certificates & secrets**.
95
105
1. Select **Upload certificate** and select the certificate (an existing certificate or the self-signed certificate you exported).
96
106
@@ -142,15 +152,21 @@ In your Azure subscription, your account must have `Microsoft.Authorization/*/Wr
142
152
143
153
To check your subscription permissions:
144
154
145
-
1.Select your account in the upper right corner, and select **... -> My permissions**.
155
+
1.Search for and select **Subscriptions**, or select **Subscriptions** on the **Home** page.
146
156
147
-
1. Select the subscription you want to create the service principal in.
160
+
161
+
162
+
163
+
If you don't see the subscription you're looking for, select **global subscriptions filter**. Make sure the subscription you want is selected for the portal.
148
164
149
-
1.From the drop-down list, select the subscription you want to create the service principal in. Then, select **Click here to view complete access details for this subscription**.
165
+
1.Select **My permissions**. Then, select **Click here to view complete access details for this subscription**.
150
166
151
167
152
168
153
-
1. Select **Role assignments** to view your assigned roles, and determine if you have adequate permissions to assign a role to an AD app. If not, ask your subscription administrator to add you to User Access Administrator role. In the following image, the user is assigned the Owner role, which means that user has adequate permissions.
169
+
1. Select **View** in **Role assignments** to view your assigned roles, and determine if you have adequate permissions to assign a role to an AD app. If not, ask your subscription administrator to add you to User Access Administrator role. In the following image, the user is assigned the Owner role, which means that user has adequate permissions.
154
170
155
171
0 commit comments