Exchange 2013 & Lync 2013 - Unified Messaging and Certificates

  • Question

  • Forgive me, I do not fully understand the black art of certificates!

    We have a DAG with 6 Exchange 2013 CU7 servers.  Each server has the same internal Certificate Authority issued certificate installed for Exchange and was set up by consultants.

    We are now looking to configure EXUM and I would like to know if we should be looking at using the same certificate for UM or if we should be looking at getting a new certificate for UM?

    If we should be using the existing certificate would it need to be installed in Lync?

    If a new certificate is recommended, what are the guidelines for the required certificate?

    I am going round in circles looking for definitive instructions without much luck.  A steer in the right direction to the best document to follow for setting up UM would be much appreciated.

    The current certificate details are as follows

    Name :- Exchange Internal Cert

    Issuer  :- Is the internal CA

    Subject :- CN=ExchangeCert

    Subject Alternative Names :- contains ExchangeCert, 6 servers FQDN, 6 Servers hostnames, the FQDN for each of the Exchange services, e.g. eac, owa.

    Thursday, May 21, 2015 3:20 PM

Answers

  • Thanks for your reply. 

    The certificate I was using had all the Exchange UM servers listed in the SAN but I was getting an event about every minute in the Event log.  I ended up logging a call with Microsoft and I was advised to create a separate certificate for each Exchange server with the FQDN in the subject.  This stopped the event appearing in the event log.

    • Proposed as answer by Holger Bunkradt Tuesday, May 26, 2015 9:59 AM
    • Marked as answer by PJD19 Wednesday, May 27, 2015 10:02 AM
    Tuesday, May 26, 2015 9:36 AM
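
A read-only check for the condition described in the answer above, added here as an example and not part of the original thread: it lists the certificates bound to UM services on the local server and reports whether the subject CN is that server's FQDN. It assumes it is run in the Exchange Management Shell on each Exchange 2013 server, and that resolving the computer name through DNS returns the FQDN the server is known by.

```powershell
# Added example (not from the thread). Run in the Exchange Management Shell
# on each Exchange 2013 server. Nothing is changed; the script only reports.

# Assumption: DNS resolution of the computer name yields the server's FQDN.
$fqdn = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName

Get-ExchangeCertificate -Server $env:COMPUTERNAME |
    # Services is a flags value; its string form contains UM and/or UMCallRouter
    Where-Object { "$($_.Services)" -match 'UM' } |
    ForEach-Object {
        # Pull the CN value out of the subject distinguished name
        $cn = ''
        if ($_.Subject -match 'CN=([^,]+)') { $cn = $Matches[1].Trim() }

        # SAN entries as plain strings for a case-insensitive comparison
        $sanNames = @($_.CertificateDomains | ForEach-Object { $_.ToString() })

        [pscustomobject]@{
            Server              = $fqdn
            Thumbprint          = $_.Thumbprint
            Subject             = $_.Subject
            Services            = $_.Services
            NotAfter            = $_.NotAfter
            SubjectIsServerFqdn = ($cn -ieq $fqdn)       # per-server subject, as advised in the answer
            FqdnInSan           = ($sanNames -contains $fqdn)
        }
    } |
    Format-List
```

A shared certificate such as the one in the question (Subject `CN=ExchangeCert`) shows `SubjectIsServerFqdn : False` and `FqdnInSan : True` on every server.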

All replies

  • The SAN should have all names of the Exchange UM server included, then you can assign the same certificate without problems.

    regards Holger Technical Specialist UC

    Sunday, May 24, 2015 11:03 AM