로그인
 
라이브러리학습다운로드지원커뮤니티포럼
Resources for IT Professionals >
Lync 2010 for iPhone/iPad Certificate issue

Answered Lync 2010 for iPhone/iPad Certificate issue

  • 2011년 12월 23일 금요일 오전 8:20
     
     
    로그인하여 투표
    0

    Dears,

    on 20th of December Microsoft released Lync client for i-devices. this is very good news, however i`ve dealed with an issue:

    There is a internal CA (Enterprise CA) which issued certificate to my Lync Server. Because it "Self-signed" and untrusted outside of our organization i`ve dealed with an issue on iPad/iPhone device. When i try to log in application reports that "can't verify certificate from the server. please contact your support team.". i`ve browsed web and someone said that certificate should be trusted by known centers, such as Verisign.

    Is there any way to "force" root certificate to that device or option in program to "ignore" untrusted certificates? For example, i don`t have such problem with exchange sync on i-device.

     

    Please, help!

     

모든 응답

  • 2011년 12월 23일 금요일 오전 9:04
     
     답변됨
    로그인하여 투표
    0

    Resolution found: Just install "untrusted" root ca to device.

    Installing certificates via Configuration Profiles
    If Configuration Profiles are being used to distribute settings for corporate services
    such as Exchange, VPN, or Wi-Fi, certificates can be added to the profile to streamline deployment.

    Installing certificates via Mail or Safari
    If a certificate is sent in an email, it will appear as an attachment. Safari can be used to download certificates from a web page. You can host a certificate on a secured website and provide users with the URL where they can download the certificate onto their devices.

    Installation via the Simple Certificate Enrollment Protocol (SCEP)
    SCEP is designed to provide a simplified process to handle certificate distribution for large-scale deployments. This enables Over-the-Air Enrollment of digital certificates
    on iPhone and iPad that can then be used for authentication to corporate services, as well as enrollment with a Mobile Device Management server. For more information on SCEP and Over-the-Air Enrollment, visit www.apple.com/iphone/business/resources.

    http://www.apple.com/iphone/business/docs/iOS_Certificates.pdf

     

     

    • 답변으로 표시됨 DarkYouth 2011년 12월 23일 금요일 오전 9:04
    •  
     
  • 2011년 12월 28일 수요일 오후 5:38
     
     
    로그인하여 투표
    0
    How did you go about installing the "untrusted" root ca to device?  TIA.
     
  • 2011년 12월 28일 수요일 오후 9:04
     
     
    로그인하여 투표
    0

    i`ve used the simpliest solution:

     

    Installing certificates via Mail or Safari
    If a certificate is sent in an email, it will appear as an attachment. Safari can be used to download certificates from a web page. You can host a certificate on a secured website and provide users with the URL where they can download the certificate onto their devices.

     

    P.S. i`m now using Lync 2010 on all i-Devices in my enterprise. Also, i suggest to everyone use this manual

    URL http://download.microsoft.com/download/C/A/2/CA20D75B-28DC-4E0F-9E63-AD50DBD1FE9B/LS_Mobility.doc

     
  • 2012년 1월 3일 화요일 오후 8:43
     
     
    로그인하여 투표
    0

    Hello ,

     

    I tried to email the certificate as you specified and i still get the error ther it can't be verified.  Lync works great with android devices but not iOS.  any suggestions?

     

    thanks

     
  • 2012년 1월 5일 목요일 오후 10:28
     
     
    로그인하여 투표
    0
    This really isn't specific enough to be an accepted solution. For example, how do you do number 2 or 3? Emailing a cert isn't easy, as Outlook blocks the files and installing via Safari using the Microsoft CA is a multi-step process. I'll look into how to implement option 3 using a MS CA.
     
  • 2012년 3월 15일 목요일 오전 8:55
     
     
    로그인하여 투표
    0

    Hi there,

    i have the same issue with certificate in Iphone / Ipad but not in android.

    in my android phone, it will automatically install CA root. but Iphone / Ipad i have a trick for that.

    generate the certificate from lync server 2010 into PFX file. then export root Certificate into PFX too. send all the pfx certificate using email or cable data into Iphone / Ipad device. then install the Certificate. u will find the certificate in General > profiles.

    then login lync 2010 normally.

    thats what i do for Root CA in my iphone / ipad.

    still dont know why the apple device cannot automatically install Root CA certificate. -cheers-

     
  • 2012년 4월 3일 화요일 오후 1:24
     
     
    로그인하여 투표
    0

    I used the following blog to get mine working:

    http://www.bricomp.com/blogs/archives.cfm/category/lync

    Emailing an exported certificate did not work for me, I had to use the Apple Mobile Configuration Utility to create the profile with the CA root certificate.

     
  • 2012년 4월 26일 목요일 오전 9:09
     
     
    로그인하여 투표
    0

    Hi CalPeete,

    What if you dont have a hardware load balancer and Lync on the Iphone works internally , but Externally it doesnt work it gives unable to verify the certificate.

    any ideas of how to fix this?

    thanks.....

     
  • 2012년 10월 12일 금요일 오후 4:28
     
     
    로그인하여 투표
    0

    What certificate are you exporting?  The OAuth cert or the Lync Default Certificate?

    OAuth is issued to my domain.com and the Lync Default Certificate is issued to lync.domain.com 

    I emailed them both and picked them up on the iphone through it's mail app.  Installed them but I still get the same error.

    This is with the 2013 (preview) server installed.

     
  • 2012년 12월 1일 토요일 오후 7:21
     
     제안된 답변
    로그인하여 투표
    0

    You can go to Lync server's IIS, under IIS top site (not your Lync default site)-> server certificate

    choose the certificate you created (it should have been created  as domain certificate from your own CA)

    right click and click export

    you can export as pfx as default.

    save it email.

    Ipad need it. PC can use pfx or p7b. I exported p7b from CA console.

    • 답변으로 제안됨 Perry_Support 2013년 1월 16일 수요일 오후 2:11
    •