PROJHOPE
asked on
OCS 2007 Cert Problem.
I have installed Microsoft OCS 2007 standard. I had it installed with an internal Cert from our CA but that made it hard for computers not in my domain to connect to it. So I got a Wildcard Cert from godaddy, now my Live meeting client will not connect to server. I also have this error on the server. I did see someone had this with a Verisign cert also. I need for poeple outside my domain to be able to connect to our livemeeting server and IM server.
Remote principal name is not configured in trusted server list.
The subject name *.projecthope.org of the certificate assigned to process IMMcuSvc(5068) was not found in the trusted server list.
Certificate serial number: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
Certificate issuer name: 416CE4.
Resolution:
Verify that the Subject Name of the certificate presented by the remote peer is configured in the trusted server list.
Remote principal name is not configured in trusted server list.
The subject name *.projecthope.org of the certificate assigned to process IMMcuSvc(5068) was not found in the trusted server list.
Certificate serial number: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
Certificate issuer name: 416CE4.
Resolution:
Verify that the Subject Name of the certificate presented by the remote peer is configured in the trusted server list.
I nstall the certificate on the machine in the trusted root certificate.
ASKER
Remote principal name is not configured in trusted server list.
I added the .cer to my Trusted Root Cerification Authorities, changed And I am still getting this error.
If I stop the services and try to start them again I get the 2nd error.
The subject name *.projecthope.org of the certificate assigned to process DataMCUSvc(5504) was not found in the trusted server list.
Certificate serial number: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
Certificate issuer name: 416CE4.
Resolution:
Verify that the Subject Name of the certificate presented by the remote peer is configured in the trusted server list
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7024
Date: 10/19/2007
Time: 11:27:31 AM
User: N/A
Computer: HQ-APPS2
Description:
The Office Communications Server Front-End service terminated with service-specific error 3287185878 (0xC3EE79D6).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
I added the .cer to my Trusted Root Cerification Authorities, changed And I am still getting this error.
If I stop the services and try to start them again I get the 2nd error.
The subject name *.projecthope.org of the certificate assigned to process DataMCUSvc(5504) was not found in the trusted server list.
Certificate serial number: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
Certificate issuer name: 416CE4.
Resolution:
Verify that the Subject Name of the certificate presented by the remote peer is configured in the trusted server list
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7024
Date: 10/19/2007
Time: 11:27:31 AM
User: N/A
Computer: HQ-APPS2
Description:
The Office Communications Server Front-End service terminated with service-specific error 3287185878 (0xC3EE79D6).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Wildcard certificates are not supported by OCS, you must use UCC cert which list subject alternate names. This is more of an issue with TLS than godaddy although you have to get certificate chaining on the hosting web or OCS server working correctly for everything to function.
may i know if this was resolved? im also using godaddy an have the same error.
I am still working on the problem. I did talk with GoDaddy support and they said that a UCC certificate is the best option for OCS. They did mention that some of their customers had managed to make a wildcard certificate work, but they didn't know the details.
We purchased a UCC cert and I am working on using this rather than than using the Wildcard. I will update this question with the results.
We purchased a UCC cert and I am working on using this rather than than using the Wildcard. I will update this question with the results.