locked
Can't login after renewal of the default certificate RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi there,

    a few days ago our Skype for Business 2015 server denied any login attempts. Turned out the default certificate expired and I had to request and assign a new one. We're using our own certificate authority.
    After the renewal (and assignment), which showed no errors, I restarted the FE. But still, no client can login to this server.

    Client log says:

    06/21/2017|14:42:23.918 4558:36AC ERROR :: SECURE_SOCKET: negotiation failed: 80092012, principal name: [server.company.local]
    06/21/2017|14:42:23.921 4558:4730 ERROR :: CSIPTransportLayerSecurity::OnTlsNegotiationComplete (1C5477C8) failed with 0x80ee0069. Raising OnConnect with the same error
    06/21/2017|14:42:23.921 4558:4730 ERROR :: CSIPClientConnection::OnConnect (80ee0069) this: 0E708FF0

    I already tried to clear the client cache and client login credentials, but the problem persists.

    Any hint is appreciated! Thanks in advance.


    • Edited by llox Wednesday, June 21, 2017 12:53 PM
    Wednesday, June 21, 2017 12:46 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    Found it!

    For some reason the guy that administers the CA at our company disabled the publication of the certificate revocation list (CRL). Those certificates do not work. I re-enabled it and the newly requested and assigned certificate works.

    • Marked as answer by llox Wednesday, June 21, 2017 3:13 PM
    Wednesday, June 21, 2017 3:13 PM