Error: The application certificate is not updated for this tenant

Error: The application certificate is not updated for this tenant

Issue description   

After upgrading to a newer version of ADManager Plus, users may encounter the error:
"The application certificate is not updated for this tenant." in the Microsoft365 tenant integration configuration.

This occurs because the new version of ADManager Plus uses certificate-based authentication to fetch data securely. Customers upgrading from an older version must update their Microsoft 365 configuration accordingly.

Possible causes   

The Microsoft 365 tenant configuration is missing a valid certificate, which may be expired, invalid, or not uploaded to both ADManager Plus and Azure.

Prerequisites   

  • Global Admin access to the Azure portal.

  • Admin access to ADManager Plus.

Resolution 

Step 1: Creating a self-signed certificate   

If you need a self-signed certificate, follow these steps:

  1. Navigate to the location of the installation folder of ADManager Plus\bin.

  2. Open Windows PowerShell as Administrator.

  3. Run the following command to set execution policy:

Info

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force -Scope Process  

  1. Execute the Create-selfsignedcertificate.ps1 script.

  2. When prompted, provide:

    • Common Name for the certificate.

    • Start and End Date (yyyy-MM-dd format) for validity.

    • Password

  1. The script generates a .pfx file (contains both public and private keys) in the bin folder.

 Step 2: Uploading the certificate   

  1. In ADManager Plus portal, upload the .pfx file in the Microsoft 365 configuration settings.

  2. In Azure portal:

    • Log in to portal.azure.com.

    • Navigate to App Registrations.

    • Search for the application using the Client ID (found in ADManager Plus under Directory/Application Settings > Microsoft 365).

    • Upload the .cer file in the Certificates & secrets section.

  1. Copy the Client Secret from Azure and update it as the Application Secret in ADManager Plus.

Tips   

  • Regularly update certificates before expiration to prevent authentication failures.

  • Maintain a backup of valid certificates.

  • Use a certificate from a trusted CA if possible to enhance security.

How to reach support   

If the issue persists, contact our support team here

                  New to ADSelfService Plus?