asked on

Are certificates issued by Microsoft Certification Authority compatible with Office Communications Server 2007?

Are certificates issued by Microsoft Certification Authority compatible with Office Communications Server 2007?

I am attempting a test run of OCS 2007 standard, and because it's a test I don't want to pay £100 or more for a certificate. I have Microsoft's certification authority (v 5.2.3790.3959) installed on the same machine.

If the certificates are compatible, I presume I will need to name them the same as my external url?
If so, how does this affect internal users?

ASKER CERTIFIED SOLUTION

plug1

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

gaanthony

Coexistent of the Microsoft Certificate Authority (MSCA) installation on the same server as OCS is not supported.
Recommendation is to install an Enterprise MSCA on a member server running Windows Server 2003 Enterprise Edition so that you can modify the templates and have support for Root CA autoenrollment.
MSCA on Standard Edition is supported but you'll need to use the OCS Certificate Wizard to request certificates that have the private key exportable.
It is also recommended in the documentation to use the Microsoft CA for internal certificates for OCS.
You'll need external 3rd party certificates for the Access Edge and Reverse Proxy external interfaces as external users will not have access to your internal MS Root CA and will not trust the certificates.
The complete OCS 2007 Documentation rollup can be downloaded from http://www.microsoft.com/downloads/details.aspx?FamilyId=760A3FF9-7F82-4A5F-841D-5E528B1DA334&displaylang=en.
The Edge Server deployment guide covers public certificate requirements. Other related docs cover the internal certificate requirements.