jaroping
asked on
Lync 2010 Edge server certificates
I need help renewing 1 internal and 1 external cert. that have expired on a Lync Edge server. Both were issued by our internal enterprise CA. Shown in IIS cert store on the server issued to the same address of the server also contain additional SANs. Template used: webserver with client authentication.
How do I renew those 2 newly expired certs through the deployment wizard, install or update, step 3 or IIS directly?
Other certs issue by external CA are listed in the deployment wizard, should those internally issued, expired certs be listed there as well for renewal? Your expert advice would be greatly appreciated along with instructions since I am not familiar with the process.
Regards, Jarek
How do I renew those 2 newly expired certs through the deployment wizard, install or update, step 3 or IIS directly?
Other certs issue by external CA are listed in the deployment wizard, should those internally issued, expired certs be listed there as well for renewal? Your expert advice would be greatly appreciated along with instructions since I am not familiar with the process.
Regards, Jarek
You should use the deployment wizard to configure and generate the csr's to either be signed online by your internal CA or offline by an external CA
ASKER
Thank you for your comment Irweazelwallis. Would you be able to provide more details on the process. I do not recall ever been prompted for a common name using a wizard who is that info populated. What would be the process of importing those certs after they have been generated.
Also, I can only select that template from the root CA should I use the root to generate the cert (our setup consists of both root and subordinate. Please advise.
Also, I can only select that template from the root CA should I use the root to generate the cert (our setup consists of both root and subordinate. Please advise.
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Thank you irweazelwallis.
It was as simple as following the wizard and renewing the cert using web templete. Only internal interface can be signed by an internal CA.
It was as simple as following the wizard and renewing the cert using web templete. Only internal interface can be signed by an internal CA.
glad it went ok