Lync Server 2013 CA Request Configuration Issue on Windows Server 2012

Heyas,

When Choosing a certification Authority for the Lync Server following the guidelines of the following document: http://windowspbx.blogspot.no/2012/07/step-by-step-installing-lync-server.html

I get the following warnings on the Certificate Request - Executing Commands screen.

Create a certificate request based on Lync Server configuration for this computer.
Issued thumbprint "1650D388DBD7E1E8CF3291E58943FACFDC7C8809" for use "Default,WebServicesInternal,WebServicesExternal" by "winsvr-dc.labs.local\labs-WINSVR-DC-CA".
 WARNING: The chain of the certificate "1650D388DBD7E1E8CF3291E58943FACFDC7C8809" is invalid.
No changes were made to the Central Management Store.
Creating new log file "C:\Users\administrator.labs\AppData\Local\Temp\2\Request-CSCertificate-[2013_12_27][10_43_13].html".
 WARNING: "Request-CSCertificate" processing has completed with warnings. "1" warnings were recorded during this run.
 WARNING: Detailed results can be found at "C:\Users\administrator.labs\AppData\Local\Temp\2\Request-CSCertificate-[2013_12_27][10_43_13].html".

Could anyone enlighten me as to what is going on,  I am running Microsoft Lync 2013 on Windows Server 2012.

Thank you.
ZackGeneral IT Goto GuyAsked:
Who is Participating?
 
NavdeepConnect With a Mentor Commented:
Ok,

A1. Internal CA is role installed on your windows server just like Domain Services/ DNS etc. You can launch server manager and check if you have Active Directory Certificate Services installed or not. It has to be installed manually. Some organizations keep internal CA while some uses third party certificates.

A2. Once you install the certificate, certificate chain gets installed automatically if it's internal CA.

I believe you don't have internal CA. Here is a blog post on how to install internal CA
http://careexchange.in/how-to-install-certificate-authority-on-windows-server-2012/

Regards,
Nav
0
 
NavdeepCommented:
Hi There,

Do you have internal CA ? and can you check if you have root ca cert and intermediate cert pushed into local computer cert store? If not then add it.

This is a warning not an error, so this step would have completed with warning. Basically what that error means is that your certificate chain is not valid i.e. root ca -- intermediate ca-- issued certificate.

Can you manually check the certificate from mmc and check if it's valid and if it has got the private keys?

Regards
Nav
0
 
ZackGeneral IT Goto GuyAuthor Commented:
Hi V-2nas,

I am complete Windows Server 2012 noob, I need some clarification.

How do I check if I have an internal CA?
How do I check if the root ca cert and intermediate cert pushed into local computer cert store
How do I manually check the certificate from MMC and check if it's valid and that it has private keys.

Thank you.
0
 
ZackGeneral IT Goto GuyAuthor Commented:
Thank for these tips. I will try them when I get to the office on monday.
0
 
ZackGeneral IT Goto GuyAuthor Commented:
Installing the Internal CA again worked.

Thank you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.