Microsoft 365 Roadmap

RM564617Microsoft Purview: Information Protection - Rights Management connector – Certificate-based authentication

Summary

The Microsoft Rights Management (RMS) connector is moving from shared-secret authentication to certificate-based authentication, improving its security posture. With this update, administrators configure their own Microsoft Entra app registration and certificate, then use the new PowerShell module to configure the certificate for each workload (Connector, Exchange, SharePoint, and FCI). New PowerShell cmdlets handle certificate import, registry configuration, private-key permissions, and validation. As part of this change, the connector setup no longer provisions an Entra service principal or issues a shared secret on the customer's behalf. Customers should plan to register an Entra ID application and upload a certificate before installing or upgrading the connector.

Description

The Microsoft Rights Management (RMS) connector is moving from shared-secret authentication to certificate-based authentication, improving its security posture. With this update, administrators configure their own Microsoft Entra app registration and certificate, then use the new PowerShell module to configure the certificate for each workload (Connector, Exchange, SharePoint, and FCI). New PowerShell cmdlets handle certificate import, registry configuration, private-key permissions, and validation. As part of this change, the connector setup no longer provisions an Entra service principal or issues a shared secret on the customer's behalf. Customers should plan to register an Entra ID application and upload a certificate before installing or upgrading the connector.

GA date: September CY2026

Preview date: July CY2026

Version history

2 versions tracked

Updated 1 time since Jun 3, 2026. Microsoft 365 Message Center only shows the current version; this archive preserves tracked history.

Compare any two versions

From
To
  1. Jul 13, 2026 - 11:07 PMLatest - v2

    Changed: Body

  2. Jun 3, 2026 - 11:00 PMOriginal - v1

    Changed: Initial version