Validate Azure Stack Hub PKI certificates before deployment. For more information, see Validate Azure Stack Hub PKI certificates.
Validate Azure Stack Hub PKI certificates includes a Readiness Checker tool. Provide the Readiness Checker tool to the customer, along with deploymentdata.json file, to validate that the PKI certificates are suitable before deployment. Treat the PFX file and password as sensitive information known only to the customer.
Prepare and validate Azure Stack Hub PKI certificates for deployment as described in Perform core services certificate validation.
As a final step, you must place all the certificates that you have prepared and validated in directories as specified for the deployment host in the tables in Mandatory certificates and Optional PaaS certificates.
On a host or share that will be available during deployment, create a folder named Certificates and place the exported certificate files in the corresponding subfolders, as specified in Mandatory certificates. The following is an example of this directory structure:
\Admin Extension Host\ssl.pfx\
\Public Extension Host\ssl.pfx\
The certificates that are marked with an asterisk (*) are only needed when ADFS is used as an identity store.