?
Solved

Lync Server 2013 CA Request Configuration Issue on Windows Server 2012

Posted on 2013-12-26
5
Medium Priority
?
2,313 Views
Last Modified: 2014-01-02
Heyas,

When Choosing a certification Authority for the Lync Server following the guidelines of the following document: http://windowspbx.blogspot.no/2012/07/step-by-step-installing-lync-server.html

I get the following warnings on the Certificate Request - Executing Commands screen.

Create a certificate request based on Lync Server configuration for this computer.
Issued thumbprint "1650D388DBD7E1E8CF3291E58943FACFDC7C8809" for use "Default,WebServicesInternal,WebServicesExternal" by "winsvr-dc.labs.local\labs-WINSVR-DC-CA".
 WARNING: The chain of the certificate "1650D388DBD7E1E8CF3291E58943FACFDC7C8809" is invalid.
No changes were made to the Central Management Store.
Creating new log file "C:\Users\administrator.labs\AppData\Local\Temp\2\Request-CSCertificate-[2013_12_27][10_43_13].html".
 WARNING: "Request-CSCertificate" processing has completed with warnings. "1" warnings were recorded during this run.
 WARNING: Detailed results can be found at "C:\Users\administrator.labs\AppData\Local\Temp\2\Request-CSCertificate-[2013_12_27][10_43_13].html".

Could anyone enlighten me as to what is going on,  I am running Microsoft Lync 2013 on Windows Server 2012.

Thank you.
0
Comment
Question by:Zack
  • 3
  • 2
5 Comments
 
LVL 12

Expert Comment

by:Navdeep
ID: 39741267
Hi There,

Do you have internal CA ? and can you check if you have root ca cert and intermediate cert pushed into local computer cert store? If not then add it.

This is a warning not an error, so this step would have completed with warning. Basically what that error means is that your certificate chain is not valid i.e. root ca -- intermediate ca-- issued certificate.

Can you manually check the certificate from mmc and check if it's valid and if it has got the private keys?

Regards
Nav
0
 

Author Comment

by:Zack
ID: 39741386
Hi V-2nas,

I am complete Windows Server 2012 noob, I need some clarification.

How do I check if I have an internal CA?
How do I check if the root ca cert and intermediate cert pushed into local computer cert store
How do I manually check the certificate from MMC and check if it's valid and that it has private keys.

Thank you.
0
 
LVL 12

Accepted Solution

by:
Navdeep earned 2000 total points
ID: 39741421
Ok,

A1. Internal CA is role installed on your windows server just like Domain Services/ DNS etc. You can launch server manager and check if you have Active Directory Certificate Services installed or not. It has to be installed manually. Some organizations keep internal CA while some uses third party certificates.

A2. Once you install the certificate, certificate chain gets installed automatically if it's internal CA.

I believe you don't have internal CA. Here is a blog post on how to install internal CA
http://careexchange.in/how-to-install-certificate-authority-on-windows-server-2012/

Regards,
Nav
0
 

Author Comment

by:Zack
ID: 39743601
Thank for these tips. I will try them when I get to the office on monday.
0
 

Author Closing Comment

by:Zack
ID: 39752936
Installing the Internal CA again worked.

Thank you.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Understanding the various editions available is vital when you decide to purchase Windows Server 2012. You need to have a basic understanding of the features and limitations in each edition in order to make a well-informed decision that best suits …
OfficeMate Freezes on login or does not load after login credentials are input.
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

599 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question