We know that in order to use OAuth2 implicit flow in Power Pages, we need to have a certificate in the proper format as specified by Microsoft here: Manage custom certificates
As we can the Let’s Encrypt service to generate free SSL certificates, I was wondering if I could not use the same developing Power Pages integration POCs in my developer tenant. Those certificates actually meet the criteria but they are not immediately in PFX format.
Straight away we can’t as they are not exposed as PFX files, but it’s not complex to run the conversion.
Steps needed (or the ones I took to achieve this)
Download the cert files from Let’s encrypt: Save them locally in your computer (pem file and crt file)
Install Open SSL: In my case I used the Open SSL version that comes bundled with Git
From Open SSL bash: Navigate into the folder in your computer where you have the .cer files and the private key.
Run the following command (replace the file names to your destination ones):
winpty openssl pkcs12 -inkey yoursourcekeyfile.pem -in yoursourcecertfile.crt -export -out exportedcertificate.pfx
I had some issues without the ‘winpty‘ command before the openssl command, as this interface does not allow retrieving the password without it, the prompt was frozen.
But by running the above command, you will be able to enter the password for your exported certificate as below:
And your certificate is sucessfully exported as PFX:
Importing the certificate in Power Pages
From the Power Platform Admin Center, find environment and Power Pages site you want to import the certificate, and find the session ‘Custom Certificates’.
Import the certificate you want, and you can grab the thumbprint from there:
Tip: You an grab the thumbprint full value by using the ‘Inspect Element’ functionality in your browser.
Conclusion
You can now use the OAuth 2.0 implicit grant flow in your Power Pages site with the Let’s Encrypt certificate.
Use the following Microsoft Tutorial to proceed enabling the OAuth2 implicit flow in your Power Pages site: Use OAuth 2.0 implicit grant flow in your Power Pages site
I hope this helps! Let me know if you have any further questions.
References:
Manage custom certificates in Power Pages
OpenSSL hangs during PKCS12 export with “Loading ‘screen’ into random state”
[…] Converting a certificate from .cert to .pfx to use with Power Pages OAuth2 implicit flow […]