Developing Logon with Certificate Authentication
Enable logon with an X.509 certificate.
- If developing for the .NET platform certificate handling is enabled by default inside the LogonCore library. The LogonCore library picks a certificate automatically (even if the authentication is combined with SAML) from the certificate store when needed. The user certificate is picked from certmgr.msc Personal/Certificates.
If developing for Windows Runtime or Store apps
Windows Runtime or Store apps can read certificates from the app's local certificate
store. This is true for every component (including the LogonCore library)
the app uses. Therefore the PFX file (certificate) must first be installed
into the local certificate store so the LogonCore component can use it
automatically. Users of the SDK cannot explicitly specify which certificate
to use. The application developer has two options for installing a
- Install the certificate using the Windows Runtime APIs.
- implement the certificate provider interface (ICertificateProvider) provided by the LogonCore library to install a PFX into the app's local certificate store.