My on-prem script deploys resources in Azure. The script uses a self-signed certificate for Azure service principal authentication.
I created the certificate in Key Vault without a certificate authority. Then I installed the certificate on the script server.
What are the risks of using a self-signed certificate, instead of using a certificate with a certificate authority in this situation?
Microsoft recommends using a self-signed certificate only for testing purposes as an authentication method for an Azure service principal.
The correct method for signing a certificate is to use a well-known, trusted third party, a certificate authority (CA). Self-signed certificates have several key limitations/disadvantages:
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/self-signed-certificates-secure-so-why-ban/