@ayeshurun
Collaborator

📥 Pull Request

Address a CodeQL alert by replacing the insecure SHA1 hash algorithm with SHA256 when generating certificate thumbprints for authentication.


✨ Description of new changes

This change affects service principal authentication using certificates. The certificate thumbprint is used by the underlying MSAL library as part of its token cache key.

  • One-time cache invalidation: On the first authentication attempt after this update, service principals using certificate authentication will experience a cache miss. This is because the new SHA256-based thumbprint will not match the old SHA1-based thumbprint in the cache.
  • Automatic re-authentication: MSAL will automatically and seamlessly acquire a new token from Azure AD. This may cause a minor, one-time delay.
  • No impact on user authentication: Interactive user logins are not affected by this change.

This update aligns with security best practices and resolves the reported vulnerability.
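
The one-time cache miss described in this pull request, as an added illustration (not code from this repository or from MSAL): a thumbprint is a digest of the certificate's DER bytes, so switching the digest from SHA1 to SHA256 changes any key built from it. The cache key layout, the helper names `cache_key` and `lookup_or_acquire`, and the sample PEM (a constructed placeholder, not a real certificate) are assumptions made for the example.

```python
import base64
import hashlib
import re

# Constructed placeholder: the base64 body decodes to b"abc", not a real certificate.
SAMPLE_PEM = """-----BEGIN CERTIFICATE-----
YWJj
-----END CERTIFICATE-----
"""

_PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.DOTALL
)


def pem_to_der(pem: str) -> bytes:
    """Return the DER bytes of the first certificate in a PEM string."""
    match = _PEM_RE.search(pem)
    if match is None:
        raise ValueError("no CERTIFICATE block found")
    # Strip line breaks and padding whitespace before strict base64 decoding.
    return base64.b64decode("".join(match.group(1).split()), validate=True)


def thumbprint(pem: str, algorithm: str = "sha256") -> str:
    """Hex thumbprint: a digest of the DER encoding, never of the PEM text."""
    if algorithm not in ("sha1", "sha256"):
        raise ValueError("unsupported algorithm: " + algorithm)
    return hashlib.new(algorithm, pem_to_der(pem)).hexdigest()


def cache_key(client_id: str, pem: str, algorithm: str) -> str:
    """Hypothetical key layout; only the thumbprint component matters here."""
    return f"{client_id}-{thumbprint(pem, algorithm)}"


def lookup_or_acquire(cache: dict, key: str, acquire) -> tuple:
    """Return (token, was_cache_hit); on a miss call acquire() and store it."""
    if key in cache:
        return cache[key], True
    cache[key] = acquire()
    return cache[key], False
```

An entry stored under the SHA1-derived key is never found through the SHA256-derived key, so the first lookup after the change acquires a fresh token and every later lookup hits the new entry.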

ayeshurun and others added 30 commits September 17, 2025 17:11
chore: Introduce release workflow
Copilot AI and others added 25 commits December 17, 2025 14:33
… commit SHA

Co-authored-by: ayeshurun <98805507+ayeshurun@users.noreply.github.com>
…workflow

feat(ci): enhance create-release workflow with commit targeting and rich error feedback
… commit SHA

Co-authored-by: ayeshurun <98805507+ayeshurun@users.noreply.github.com>
… commit SHA

Co-authored-by: ayeshurun <98805507+ayeshurun@users.noreply.github.com>
@ayeshurun ayeshurun requested a review from a team as a code owner January 14, 2026 09:52