登入
 
首頁文件庫學習園地下載支援社群論壇
IT 專業人員的技術資源 >
Lync 2010 for iPhone/iPad Certificate issue

Answered Lync 2010 for iPhone/iPad Certificate issue

  • 2011年12月23日 上午 08:20
     
     
    登入以投票
    0

    Dears,

    on 20th of December Microsoft released Lync client for i-devices. this is very good news, however i`ve dealed with an issue:

    There is a internal CA (Enterprise CA) which issued certificate to my Lync Server. Because it "Self-signed" and untrusted outside of our organization i`ve dealed with an issue on iPad/iPhone device. When i try to log in application reports that "can't verify certificate from the server. please contact your support team.". i`ve browsed web and someone said that certificate should be trusted by known centers, such as Verisign.

    Is there any way to "force" root certificate to that device or option in program to "ignore" untrusted certificates? For example, i don`t have such problem with exchange sync on i-device.

     

    Please, help!

     

所有回覆

  • 2011年12月23日 上午 09:04
     
     已答覆
    登入以投票
    0

    Resolution found: Just install "untrusted" root ca to device.

    Installing certificates via Configuration Profiles
    If Configuration Profiles are being used to distribute settings for corporate services
    such as Exchange, VPN, or Wi-Fi, certificates can be added to the profile to streamline deployment.

    Installing certificates via Mail or Safari
    If a certificate is sent in an email, it will appear as an attachment. Safari can be used to download certificates from a web page. You can host a certificate on a secured website and provide users with the URL where they can download the certificate onto their devices.

    Installation via the Simple Certificate Enrollment Protocol (SCEP)
    SCEP is designed to provide a simplified process to handle certificate distribution for large-scale deployments. This enables Over-the-Air Enrollment of digital certificates
    on iPhone and iPad that can then be used for authentication to corporate services, as well as enrollment with a Mobile Device Management server. For more information on SCEP and Over-the-Air Enrollment, visit www.apple.com/iphone/business/resources.

    http://www.apple.com/iphone/business/docs/iOS_Certificates.pdf

     

     

    • 已標示為解答 DarkYouth 2011年12月23日 上午 09:04
    •  
     
  • 2011年12月28日 下午 05:38
     
     
    登入以投票
    0
    How did you go about installing the "untrusted" root ca to device?  TIA.
     
  • 2011年12月28日 下午 09:04
     
     
    登入以投票
    0

    i`ve used the simpliest solution:

     

    Installing certificates via Mail or Safari
    If a certificate is sent in an email, it will appear as an attachment. Safari can be used to download certificates from a web page. You can host a certificate on a secured website and provide users with the URL where they can download the certificate onto their devices.

     

    P.S. i`m now using Lync 2010 on all i-Devices in my enterprise. Also, i suggest to everyone use this manual

    URL http://download.microsoft.com/download/C/A/2/CA20D75B-28DC-4E0F-9E63-AD50DBD1FE9B/LS_Mobility.doc

     
  • 2012年1月3日 下午 08:43
     
     
    登入以投票
    0

    Hello ,

     

    I tried to email the certificate as you specified and i still get the error ther it can't be verified.  Lync works great with android devices but not iOS.  any suggestions?

     

    thanks

     
  • 2012年1月5日 下午 10:28
     
     
    登入以投票
    0
    This really isn't specific enough to be an accepted solution. For example, how do you do number 2 or 3? Emailing a cert isn't easy, as Outlook blocks the files and installing via Safari using the Microsoft CA is a multi-step process. I'll look into how to implement option 3 using a MS CA.
     
  • 2012年3月15日 上午 08:55
     
     
    登入以投票
    0

    Hi there,

    i have the same issue with certificate in Iphone / Ipad but not in android.

    in my android phone, it will automatically install CA root. but Iphone / Ipad i have a trick for that.

    generate the certificate from lync server 2010 into PFX file. then export root Certificate into PFX too. send all the pfx certificate using email or cable data into Iphone / Ipad device. then install the Certificate. u will find the certificate in General > profiles.

    then login lync 2010 normally.

    thats what i do for Root CA in my iphone / ipad.

    still dont know why the apple device cannot automatically install Root CA certificate. -cheers-

     
  • 2012年4月3日 下午 01:24
     
     
    登入以投票
    0

    I used the following blog to get mine working:

    http://www.bricomp.com/blogs/archives.cfm/category/lync

    Emailing an exported certificate did not work for me, I had to use the Apple Mobile Configuration Utility to create the profile with the CA root certificate.

     
  • 2012年4月26日 上午 09:09
     
     
    登入以投票
    0

    Hi CalPeete,

    What if you dont have a hardware load balancer and Lync on the Iphone works internally , but Externally it doesnt work it gives unable to verify the certificate.

    any ideas of how to fix this?

    thanks.....

     
  • 2012年10月12日 下午 04:28
     
     
    登入以投票
    0

    What certificate are you exporting?  The OAuth cert or the Lync Default Certificate?

    OAuth is issued to my domain.com and the Lync Default Certificate is issued to lync.domain.com 

    I emailed them both and picked them up on the iphone through it's mail app.  Installed them but I still get the same error.

    This is with the 2013 (preview) server installed.

     
  • 2012年12月1日 下午 07:21
     
     提議的解答
    登入以投票
    0

    You can go to Lync server's IIS, under IIS top site (not your Lync default site)-> server certificate

    choose the certificate you created (it should have been created  as domain certificate from your own CA)

    right click and click export

    you can export as pfx as default.

    save it email.

    Ipad need it. PC can use pfx or p7b. I exported p7b from CA console.

    • 已提議為解答 Perry_Support 2013年1月16日 下午 02:11
    •