Solved

Lync Server 2013 CA Request Configuration Issue on Windows Server 2012

Posted on 2013-12-26
5
1,976 Views
Last Modified: 2014-01-02
Heyas,

When Choosing a certification Authority for the Lync Server following the guidelines of the following document: http://windowspbx.blogspot.no/2012/07/step-by-step-installing-lync-server.html

I get the following warnings on the Certificate Request - Executing Commands screen.

Create a certificate request based on Lync Server configuration for this computer.
Issued thumbprint "1650D388DBD7E1E8CF3291E58943FACFDC7C8809" for use "Default,WebServicesInternal,WebServicesExternal" by "winsvr-dc.labs.local\labs-WINSVR-DC-CA".
 WARNING: The chain of the certificate "1650D388DBD7E1E8CF3291E58943FACFDC7C8809" is invalid.
No changes were made to the Central Management Store.
Creating new log file "C:\Users\administrator.labs\AppData\Local\Temp\2\Request-CSCertificate-[2013_12_27][10_43_13].html".
 WARNING: "Request-CSCertificate" processing has completed with warnings. "1" warnings were recorded during this run.
 WARNING: Detailed results can be found at "C:\Users\administrator.labs\AppData\Local\Temp\2\Request-CSCertificate-[2013_12_27][10_43_13].html".

Could anyone enlighten me as to what is going on,  I am running Microsoft Lync 2013 on Windows Server 2012.

Thank you.
0
Comment
Question by:Zack
  • 3
  • 2
5 Comments
 
LVL 12

Expert Comment

by:Navdeep
ID: 39741267
Hi There,

Do you have internal CA ? and can you check if you have root ca cert and intermediate cert pushed into local computer cert store? If not then add it.

This is a warning not an error, so this step would have completed with warning. Basically what that error means is that your certificate chain is not valid i.e. root ca -- intermediate ca-- issued certificate.

Can you manually check the certificate from mmc and check if it's valid and if it has got the private keys?

Regards
Nav
0
 

Author Comment

by:Zack
ID: 39741386
Hi V-2nas,

I am complete Windows Server 2012 noob, I need some clarification.

How do I check if I have an internal CA?
How do I check if the root ca cert and intermediate cert pushed into local computer cert store
How do I manually check the certificate from MMC and check if it's valid and that it has private keys.

Thank you.
0
 
LVL 12

Accepted Solution

by:
Navdeep earned 500 total points
ID: 39741421
Ok,

A1. Internal CA is role installed on your windows server just like Domain Services/ DNS etc. You can launch server manager and check if you have Active Directory Certificate Services installed or not. It has to be installed manually. Some organizations keep internal CA while some uses third party certificates.

A2. Once you install the certificate, certificate chain gets installed automatically if it's internal CA.

I believe you don't have internal CA. Here is a blog post on how to install internal CA
http://careexchange.in/how-to-install-certificate-authority-on-windows-server-2012/

Regards,
Nav
0
 

Author Comment

by:Zack
ID: 39743601
Thank for these tips. I will try them when I get to the office on monday.
0
 

Author Closing Comment

by:Zack
ID: 39752936
Installing the Internal CA again worked.

Thank you.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
The article will show you how you can maintain a simple logfile of all Startup and Shutdown events on Windows servers and desktops with PowerShell. The script can be easily adapted into doing more like gracefully silencing/updating your monitoring s…
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now