Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Lync 2013 Certificate Requirement

Posted on 2013-11-17
10
Medium Priority
?
3,328 Views
Last Modified: 2013-11-18
Hello Experts,

I have deployed Lync 2013 Standard Edition. I have only 2 public IP's. I am using for Web external service and edge server.

I need to purchase and request a single certificate that I can use on Lync and Lync Edge service for external access. Is that possible.

I don't want to purchase Wildcard Certificate.
I would highly appreciate any help.

Thanks
0
Comment
Question by:cciedreamer
  • 6
  • 4
10 Comments
 
LVL 38

Expert Comment

by:Mahesh
ID: 39654410
You can use Public SAN certificate for your scenario

Certificate requirements for Lync 2013
http://technet.microsoft.com/en-us/library/gg398094.aspx

To generate Certificate CSR
http://www.digicert.com/csr-creation-lync-2013.htm

To install Certificate
http://www.digicert.com/ssl-certificate-installation-lync-2013.htm
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 39655558
Thanks.

How do I request a new certificate from lync that include required URL's

Thanks
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 39655610
Hello,,

I request a single certificate with SN and SAN

SN = sip.domain.com
SAN = meet.domain.com
SAN=  admin.domain.com
SAM= dialin.domain.com

Thanks
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 38

Expert Comment

by:Mahesh
ID: 39655615
You can logon to edge server and run Lync "Request, install or assign" setup wizard and select Edge External and follow the on scrren steps
Normally setup will generate required Subject alternative names (SAN) automatically.
you may specify and additional SAN names if required.
The below article explains how to generate Certificate request on Edge Server
http://technet.microsoft.com/en-us/library/gg398409.aspx
http://www.digicert.com/csr-creation-lync-2013.htm with screen shots
Thanks
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 39655624
OK Got it.

Request a new certificate on Edge Server and add the required domain names. Export it to Lync Frond End Server.

I would highly appreciate if you can provide me steps to export add exported the certificate on Lync Front End.
0
 
LVL 38

Accepted Solution

by:
Mahesh earned 2000 total points
ID: 39655685
You have asked question about edge server in original question
For front end server certificate requirements, please check below MS article
http://technet.microsoft.com/en-us/library/gg398094.aspx
I suggest you to collect all required URLs first for Edge Server and fornt end server
U can have public certificates with SAN for all servers

Please review certificate requirements for Lync 2013 entirely before proceeding.
http://technet.microsoft.com/en-us/library/gg398066.aspx
In above URL, you will find cert requirements for Edge external interface, Edge internal interface, front end servers and so on.

You can export certificate from certificate personnel store through MMC with private Key from windows server.Check below articles
http://technet.microsoft.com/en-us/library/cc785830(v=ws.10).aspx
https://www.geocerts.com/support/migrate_iis

please hire any consultant if you need help in identifying lync specific certificate requirements for your organisation for all servers.

Thanks
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 39655689
Hello Mahesh,
Sorry for typo mistakes.

My concern I want to purchase and use only 1 certificate that can be used Lync Simple URL ( web external access) and Lync Edge Server.

So my question how do I generate a certificate request that will required SN and SAN ?

Thanks for your support
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 39655724
The certificate request can be generated through Lync Setup which I already mentioned in previous posts.
For required certificate SAN URLs for Edge and Frontend servers, check belwo link
http://technet.microsoft.com/en-us/library/gg398066.aspx
please hire any consultant if you need help in identifying lync specific certificate SAN URL requirements for edge and front end server for your organisation.
Thanks
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 39655738
Actually we are not using for Enterprise Solution, we just to integrate with Polycom HDX Video Conferencing.
0
 
LVL 3

Author Closing Comment

by:cciedreamer
ID: 39657535
Thanks
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
There can be many situations demanding the conversion of Outlook OST files to PST format and as such, there is no shortage of automated tools to perform this conversion. However, what makes Stellar OST to PST converter stand above the rest? Let us e…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question