Gabriel I guess there is a problem. Main one is that HTTPS
certificate private key cannot be coded by a secret this kind of certificate contain *.crt
and *.key
file which are not secured. When You want authenticate yourself or server in some Service for example Windows phone push like you have listed there is need to create hash for your private key with secret aka pin or password. What make You use at least two different certificates.
Second thing is that purpose of using certificates is to validate the issuer and to authenticate user/service provider. HTTPS
ssl certificate issued by a trusted CA
show to the user Hey this is trusted website You should not be afraid passing sensitive data through the service
, and the certificates which are used to authenticate are just saying Hey its me I am authorized to use this application
Purpose of those certificates and different so certificates them self should be different. Using the same cert
for actions like You have listed cause necessaries vulnerabilities and is highly NOT RECOMMENDED