Keepit Live World Tour: Join us in a city near you

Keepit Platform LoginPartner Portal Login
Support
ENDEFRES
Keepit Platform LoginPartner Portal Login
Support
ENDEFRES
Get a demo

M365 connector

HomeHelp centerM365 ConnectorGenerate a certificate for your Entra ID app registration

Generate a certificate for your Entra ID app registration

Follow the steps below to create a certificate for your Entra ID app registration, which is required for backing up Teams Chats data.

  • For Windows Users: Use our PowerShell script to generate a certificate and key. Download the script here. Follow the instructions below to run the script.
  • For Mac Users: We recommend using OpenSSL to generate a certificate and key. Detailed instructions are provided below.
  • If you are creating your own certificate, ensure the following configuration:
  • Certificate Format: x509
  • Hash Algorithm: SHA-256
  • Encryption Algorithm: RSA 2048

Windows Users

Before you get started, download the latest version of the script from the Keepit Support Site: PowerShell Script for Entra ID App Registration. 

Save the script locally (e.g., C:\Users\YourUserName\Documents\Multiapp).
Important: Ensure the script is saved locally and not to a cloud service like OneDrive, as this may cause issues.  
After downloading the script, rename the file extension to .ps1to make it a PowerShell script.

Follow these steps to generate a certificate with PowerShell:

1. Right-click the PowerShell icon and select Run as Administrator.

2. Run the following command to allow PowerShell scripts to execute on your PC:
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass
Note: If you close PowerShell, you will need to run this command again to enable script execution.

3. Run the following command (ensure it matches the location where your script is saved):
cd C:\Users\(Your user name)\Documents\Multiapp

4. Run the command:
./generate-self-signed-cert.ps1

5. In the PubKeyFileName field, enter a name (e.g., Public) and press Enter.

6. In the PrivKeyFileName field, enter a name (e.g., Private) and press Enter.

7. Enter a name for the certificate file, followed by the appropriate extension. It can be .cer, .crt, or .pem.

8. Enter the following information when prompted:
Country Name (2 letter code) [AU]:
State or province name (full name) [Some-State]:
Locality Name (eg, city):
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organization Unit Name (eg, section) [Engineering]:
Common Name (e.g. server FQDN or YOUR name) [foo.org]:
Email address [foo@bar.baz]:
Note: Ensure the email address entered is linked to your tenant, such as a service account.

9. Press Enter after providing the information.
The certificate will be generated and saved in the directory where the script is located.

Mac Users

If you are using a Mac, follow these steps using OpenSSL to generate a certificate:

1. Generate a self-signed certificate (x509 with rsa 2048 valid for the 2 years) by running the following command:
openssl req -x509 -sha256 -days 730 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt
This will generate two files: privateKey.key and certificate.crt

2. Upload the certificate.crt in the Certificates & secrets section for the target Application Registration in the Entra ID admin center.

3. Remove the passphrase from certificate key by running the following command:
openssl rsa -in privateKey.key -out privateKeyWoPass.key

4. Use certificate.crt and privateKeyWoPass.key to configure your custom Teams app in Keepit.

Knowledge baseM365 Connector

Related articles

Create an app registration in Entra ID