locked
New Edge certificate RRS feed

  • Question

  •  Hi,

     this is actually Lync 2013 question, hop it is ok here.

      I need new certificate for my Edge servers. Lync 2013 certification tools creates a CR with SHA1.

      I am guessing that all 3rd party Certificate issuer create  new certificate with SHA256 even if it says  SHA1 on CR, is that correct.

      My question is, if I get a SHA256 certificate, will Lync 2013 be able to handle it or do I need to make any changes?.

     thanks


    Erro


    • Edited by Erró Thursday, January 25, 2018 1:24 PM
    Thursday, January 25, 2018 1:18 PM

Answers

  • You are correct, and you will be fine.  It doesn't matter what the CR says, the encryption used will be determined by the certificate authority.

    Please remember, if you see a post that helped you please click "Vote" on the left side of the response, and if it answered your question please click "Mark As Answer". SWC Unified Communications This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, SWC, their employees, or other MVPs.

    • Marked as answer by Erró Wednesday, February 7, 2018 8:07 AM
    Thursday, January 25, 2018 8:01 PM

All replies

  • You are correct, and you will be fine.  It doesn't matter what the CR says, the encryption used will be determined by the certificate authority.

    Please remember, if you see a post that helped you please click "Vote" on the left side of the response, and if it answered your question please click "Mark As Answer". SWC Unified Communications This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, SWC, their employees, or other MVPs.

    • Marked as answer by Erró Wednesday, February 7, 2018 8:07 AM
    Thursday, January 25, 2018 8:01 PM
  •  Hi Anthony,

     thanks for your reply.

     So I do not need to run something like this "certutil -setreg ca\csp\CNGHashAlgorithm SHA256"

      to make this  work  SHA256 work on My edge servers , I am running version 5.0.8308.920 of Lync 2013 and

      it looks like the last Windows update  was done on 28-11-2016 ??

      (I only recently got to administrate this system  :(  )

     thanks again,

     


    Erro

    Friday, January 26, 2018 5:58 AM
  • Nothing like that, just submit it to the third party CA and you'll get a SHA256 back.

    Please remember, if you see a post that helped you please click "Vote" on the left side of the response, and if it answered your question please click "Mark As Answer". SWC Unified Communications This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, SWC, their employees, or other MVPs.

    Friday, January 26, 2018 3:33 PM
  • Are there any update for this issue ,if the reply is helpful to you, please try to make it as an answer ,it will help others who has similar issue.


    Best Regards,
    Leon Lu


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Monday, January 29, 2018 10:13 AM