Sophos Mobile: Renew Microsoft Azure certificate for Intune app protection and federated authentication with Azure (on premise, SaaS)

Special thanks to Torben for creating this Content!

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.


To use the Intune app protection feature or the federated authentication with Azure you need a certificate which is valid for one year. So every year, you have to renew it. The below-mentioned steps show how to do that.

     1. Log in to Sophos Mobile account.

     2. Go to Setup --> Sophos Setup and Switch to Microsoft Azure tab.


     3. There will be two sub-sections: Certificate information and App registration.

     4. Go to Certificate Information and click on renew the certificate.


     5. It will renew the existing certificate and will create new thumbprint with a new start and expiry date.

     6. Once that is done, download the new certificate through download certificate button.


     7. Log in to Microsoft Azure account.

     8. Go to Settings --> Azure services.

     9. There click on App registrations or you can search “App registrations” in the search bar as well.


     10. There will be two tabs under the App registration: All applications and Owned Applications.

     11. Go to Owned applications and search for Sophos Mobile and click on that Sophos Mobile (Name may vary in your Microsoft Azure account as per the first setup)


     12. Now under application, on the left pane, Go to Manage --> Certificates & secrets.


     13. You’ll be able to see the upload Certificate tab.


     14. Now browse to the certificate path which we downloaded from Sophos Mobile and select that Certificate and add that certificate.


     15. Your certificate is now renewed on both Sophos Mobile and Microsoft Azure.


Have an idea or suggestion regarding our Documentation, Knowledgebase, or Videos? Please visit our User Assistance forum on the Community to share your idea!

Updated the disclaimer
[edited by: Gladys at 4:58 AM (GMT -7) on 6 Apr 2023]