Minimum number of certs required for small Lync deployment RRS feed

  • Question

  • What is the minimum number of public/external certificates needed for a small Lync deployment with Edge?

    50 users with 20 of those needing external access.

    One VM hosting Front End

    One VM hosting Edge

    In other words, can all the URL's (simple URL's, ext. webservice URL's, and Access Edge URL's) be rolled into one UCC/SAN certificate and that certificate be installed on both the reverse proxy and the edge?

    Wednesday, August 17, 2011 1:41 PM


  • Hi Japheth,

    You can have a single certificate as you stated.

    Just make sure that the Access Edge external fqdn (sip.domain.com) is on both the Subject Name and Subject Alternate Nam and rest of the names are on Subject Alternate Name.


    For Lync Server 2010, this is no longer a requirement, but it is still recommended for compatibility with Office Communications Server.  (I mean having access edge fqdn on the Subject Name)


    Please check Certificate Requirements for External User Access guide for details.


    • Proposed as answer by Sharon.Shen Thursday, August 18, 2011 10:41 AM
    • Marked as answer by JapNolt Thursday, August 18, 2011 2:35 PM
    Wednesday, August 17, 2011 6:38 PM