Wednesday, May 04, 2011 9:05 AM
I am bit confused about edge server internal interface certificate. Scenario is
Internal domain = mocs.local
SIP domain = lync.prov.com
similarly,dialin = dialn.prov.com and etc.
My question is when I generate a certificate request for internal certificate do i have to add SAN NAME for my sip domains as well. i.e. sip.lync.prov.com etc. Currently, the certificate only have a subject name of my edge server fqdn which is lyncedge.mocs.local.
thanks in advance
Thursday, May 05, 2011 9:49 AMModerator
Your current certificate will work for internal users,the certificate for internal interface just requires the SN match to the edge server's FQDN.
More information please refer:
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Friday, May 06, 2011 8:13 AM
Wednesday, February 22, 2012 7:26 PM
I have a enterprise lync deployment, using an edge pool. For the edge server cert wizrd:
When I run the certificate wizard on the internal cert, it just puts a subject name (edge pool fqdn) "edgepool.domain.com" and the Subject Alternative Name field is blank.
Do I need to add in manually the fqdn off the edgepool server member as well on the next screen (and therefore needing a SAN cert) or can I get by with a simple certificate if i do not need to add in the member?
I need to use public CA since an internal CA is not an option for me.
- Edited by iconoclast88 Wednesday, February 22, 2012 7:27 PM
Wednesday, February 22, 2012 9:02 PM
http://social.technet.microsoft.com/Forums/en-US/ocscertificates/thread/3c158222-55eb-4b7c-8086-7769b9731db9 my question was answered here....
- Proposed As Answer by iconoclast88 Wednesday, February 22, 2012 9:02 PM
Wednesday, February 22, 2012 10:48 PMModeratorIn a single-Edge server deployment (not an aarray or pool) the internal Edge certificate should not be a SAN certificate and only uses the Edge Server FQDN as the certificate's Common Name.
Jeff Schertz | Microsoft Solutions Architect - Polycom | Lync MVP
- Proposed As Answer by Josh Fernando Wednesday, February 22, 2012 11:55 PM
Thursday, February 23, 2012 2:48 AMThanks for the input Jeff.