Certificate reqrement for Lync 2013


We are gonna deploy Lync 2013. I need to know can we remove any SAN Fqdns from the below list ?

Who is Participating?
Jeff_SchertzConnect With a Mentor Commented:
This article clearly explains how each of the FQDNs are utilized in Lync Server, and I suggest reading through it: http://blog.schertz.name/2012/07/lync-edge-server-best-practices

You cannot use a single certificate for all Lync server roles, you'll need to at minimum get three certificates for a standard deployment of a single Standard Edition Front End Server, a single Edge Server, and a single Reverse Proxy server.  Although not best practice you can bundle the external Edge and Reverse Proxy roles into a single Public certificate, but you will still need a second certificate for the internal Edge interface and a third certificate for the internal Front-End Server.

Depending on your configuration and desired feature-set it could be different.  There is no single answer to this basic question that applies to all.

The access.contoso.com is entirely optional and can be skipped as you can also access the Lync Server Control Panel from the same FQDN used for the internal Web Services, it is redundant.

The webapp.contoso.com FQDN is also a duplicate as for a Standard Edition server the server's own FQDN would be used as the internal Web Services FQDN.
Patrick BogersDatacenter platform engineer LindowsCommented:

Sure you can, contoso.com is an example domain owned by Microsoft for training purposes.
Try browsing to any one of them and find yourself ending up at Microsoft.

Those records are meaningless.
Kanchana_SilvaAuthor Commented:
I replaced my company domain name with the contoso.com as example.
Patrick BogersDatacenter platform engineer LindowsCommented:
ok understood.

On this link is explained what each SAN is used for, you need to figure out what is applicable in your situation.
Kanchana_SilvaAuthor Commented:
Hello jeff,

I am asking about external Publish.

Should we add Webapp.contoso.com for External Presentation sharing ?

We should add access.contoso.com because its the FQDN of Access Edge. ?

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.