Skip to content

Renew Azure certificate

The Sophos Mobile certificate for Microsoft Azure has a validity period of one year. You must renew it before it expires.

If you don’t renew the certificate before it expires, Intune app protection in Sophos Mobile stops working.


When you start the certificate renewal process (step 3 below), Intune app protection is temporarily unavailable until you upload the new certificate to your Sophos Mobile application on the Microsoft Azure portal (step 11).

To renew the Sophos Mobile certificate for Microsoft Azure, do as follows:

  1. In Sophos Central Admin, go to My Products > Mobile.
  2. Go to Setup > Sophos setup > Microsoft Azure.

    Under Certificate information, the expiration date of the current certificate is shown in Expiration date.

    certificate information, including the expiration date.

  3. Click Renew certificate.

  4. Click OK in the confirmation dialog.

    The OK button in the confirmation dialog.

    Sophos Mobile creates a new certificate and updates the information in the Thumbprint, Start date, and Expiration date fields.

    Updated certificate information.

  5. Click Download certificate to download the certificate file to your computer.

    The Download certificate button.

  6. Sign in to the Microsoft Azure portal with your Azure administrator account.

  7. Search for the App registrations service and open it.

    Search for App registrations in the Azure portal.

  8. Click your Sophos Mobile application.

    The Sophos Mobile application.

    If you have several applications, select the one with the matching Application (client) ID value.

    Application (client) ID value in Sophos Mobile and the Azure portal.

  9. In the left-hand menu, click Certificates & secrets.

    The Certificates & secrets menu entry.

  10. Click Upload certificate.

    The Upload certificate button.

  11. Select the file that you downloaded from Sophos Mobile and click Add.

    Select and add a certificate in the Upload certificate dialog.

  12. Check that the certificate has the same thumbprint in Sophos Mobile and Microsoft Azure.

    Certificate thumbprint in Sophos Mobile and the Azure portal.

  13. In Microsoft Azure, click Delete next to the old certificate to remove it from your Sophos Mobile application.

    The Delete button next to the old certificate.

This completes the certificate renewal process.