Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Lync Server 2013 CA Request Configuration Issue on Windows Server 2012

Posted on 2013-12-26
5
Medium Priority
?
2,202 Views
Last Modified: 2014-01-02
Heyas,

When Choosing a certification Authority for the Lync Server following the guidelines of the following document: http://windowspbx.blogspot.no/2012/07/step-by-step-installing-lync-server.html

I get the following warnings on the Certificate Request - Executing Commands screen.

Create a certificate request based on Lync Server configuration for this computer.
Issued thumbprint "1650D388DBD7E1E8CF3291E58943FACFDC7C8809" for use "Default,WebServicesInternal,WebServicesExternal" by "winsvr-dc.labs.local\labs-WINSVR-DC-CA".
 WARNING: The chain of the certificate "1650D388DBD7E1E8CF3291E58943FACFDC7C8809" is invalid.
No changes were made to the Central Management Store.
Creating new log file "C:\Users\administrator.labs\AppData\Local\Temp\2\Request-CSCertificate-[2013_12_27][10_43_13].html".
 WARNING: "Request-CSCertificate" processing has completed with warnings. "1" warnings were recorded during this run.
 WARNING: Detailed results can be found at "C:\Users\administrator.labs\AppData\Local\Temp\2\Request-CSCertificate-[2013_12_27][10_43_13].html".

Could anyone enlighten me as to what is going on,  I am running Microsoft Lync 2013 on Windows Server 2012.

Thank you.
0
Comment
Question by:Zack
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 12

Expert Comment

by:Navdeep
ID: 39741267
Hi There,

Do you have internal CA ? and can you check if you have root ca cert and intermediate cert pushed into local computer cert store? If not then add it.

This is a warning not an error, so this step would have completed with warning. Basically what that error means is that your certificate chain is not valid i.e. root ca -- intermediate ca-- issued certificate.

Can you manually check the certificate from mmc and check if it's valid and if it has got the private keys?

Regards
Nav
0
 

Author Comment

by:Zack
ID: 39741386
Hi V-2nas,

I am complete Windows Server 2012 noob, I need some clarification.

How do I check if I have an internal CA?
How do I check if the root ca cert and intermediate cert pushed into local computer cert store
How do I manually check the certificate from MMC and check if it's valid and that it has private keys.

Thank you.
0
 
LVL 12

Accepted Solution

by:
Navdeep earned 2000 total points
ID: 39741421
Ok,

A1. Internal CA is role installed on your windows server just like Domain Services/ DNS etc. You can launch server manager and check if you have Active Directory Certificate Services installed or not. It has to be installed manually. Some organizations keep internal CA while some uses third party certificates.

A2. Once you install the certificate, certificate chain gets installed automatically if it's internal CA.

I believe you don't have internal CA. Here is a blog post on how to install internal CA
http://careexchange.in/how-to-install-certificate-authority-on-windows-server-2012/

Regards,
Nav
0
 

Author Comment

by:Zack
ID: 39743601
Thank for these tips. I will try them when I get to the office on monday.
0
 

Author Closing Comment

by:Zack
ID: 39752936
Installing the Internal CA again worked.

Thank you.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question