Solved

Lync Server 2013 CA Request Configuration Issue on Windows Server 2012

Posted on 2013-12-26
5
2,041 Views
Last Modified: 2014-01-02
Heyas,

When Choosing a certification Authority for the Lync Server following the guidelines of the following document: http://windowspbx.blogspot.no/2012/07/step-by-step-installing-lync-server.html

I get the following warnings on the Certificate Request - Executing Commands screen.

Create a certificate request based on Lync Server configuration for this computer.
Issued thumbprint "1650D388DBD7E1E8CF3291E58943FACFDC7C8809" for use "Default,WebServicesInternal,WebServicesExternal" by "winsvr-dc.labs.local\labs-WINSVR-DC-CA".
 WARNING: The chain of the certificate "1650D388DBD7E1E8CF3291E58943FACFDC7C8809" is invalid.
No changes were made to the Central Management Store.
Creating new log file "C:\Users\administrator.labs\AppData\Local\Temp\2\Request-CSCertificate-[2013_12_27][10_43_13].html".
 WARNING: "Request-CSCertificate" processing has completed with warnings. "1" warnings were recorded during this run.
 WARNING: Detailed results can be found at "C:\Users\administrator.labs\AppData\Local\Temp\2\Request-CSCertificate-[2013_12_27][10_43_13].html".

Could anyone enlighten me as to what is going on,  I am running Microsoft Lync 2013 on Windows Server 2012.

Thank you.
0
Comment
Question by:Zack
  • 3
  • 2
5 Comments
 
LVL 12

Expert Comment

by:Navdeep
ID: 39741267
Hi There,

Do you have internal CA ? and can you check if you have root ca cert and intermediate cert pushed into local computer cert store? If not then add it.

This is a warning not an error, so this step would have completed with warning. Basically what that error means is that your certificate chain is not valid i.e. root ca -- intermediate ca-- issued certificate.

Can you manually check the certificate from mmc and check if it's valid and if it has got the private keys?

Regards
Nav
0
 

Author Comment

by:Zack
ID: 39741386
Hi V-2nas,

I am complete Windows Server 2012 noob, I need some clarification.

How do I check if I have an internal CA?
How do I check if the root ca cert and intermediate cert pushed into local computer cert store
How do I manually check the certificate from MMC and check if it's valid and that it has private keys.

Thank you.
0
 
LVL 12

Accepted Solution

by:
Navdeep earned 500 total points
ID: 39741421
Ok,

A1. Internal CA is role installed on your windows server just like Domain Services/ DNS etc. You can launch server manager and check if you have Active Directory Certificate Services installed or not. It has to be installed manually. Some organizations keep internal CA while some uses third party certificates.

A2. Once you install the certificate, certificate chain gets installed automatically if it's internal CA.

I believe you don't have internal CA. Here is a blog post on how to install internal CA
http://careexchange.in/how-to-install-certificate-authority-on-windows-server-2012/

Regards,
Nav
0
 

Author Comment

by:Zack
ID: 39743601
Thank for these tips. I will try them when I get to the office on monday.
0
 

Author Closing Comment

by:Zack
ID: 39752936
Installing the Internal CA again worked.

Thank you.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Understanding the various editions available is vital when you decide to purchase Windows Server 2012. You need to have a basic understanding of the features and limitations in each edition in order to make a well-informed decision that best suits y…
I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question