Solved

Lync 2010 client -  problem verifying the certificate from the server

Posted on 2015-02-05
17
9,183 Views
Last Modified: 2015-02-09
I am having issues signing on to my Lync account from my PC only. I was able to sign in from a member server in my domain.

However, when I sign on using my PC i get an error  "cannot sign in to lycn - there was a problem verifying the certificate from the server."

I cleared my Lync cache and even remove a cert from the "Personal" container in the certmgr which I believe was suppose to be for my Lync.

I flushed dns, rebooted a few times and followed a few MS KB's and still no luck.

I believe the problem in fact is related to a cert.

How can I go about requesting a new cert? I haven't touched the CA world in sometime..

thx
0
Comment
Question by:tobe1424
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 6
17 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40591572
If this is something that is only happening on your machine speficically then it probably is not the cert itself. Might be your Windows Porfile. Can you create a new profile and then try and login.

Will.
0
 

Author Comment

by:tobe1424
ID: 40591684
I should try to do that...but i have tons of things on my profile

would there be any other way to try this without loosing my profile?
0
 

Author Comment

by:tobe1424
ID: 40592018
I was thinking there is now a problem with the cert on my PC? I thought there needs to be a cert installed on the Lync client(pc) in order for me to auth ?
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40592029
You can create a backup of your profile and then import it after to restore your profile items.

would there be any other way to try this without loosing my profile?

If you logged into another machine you have then tested that another profile corrected the issue.

Are you using an internal CA or is your cert from a 3rd party SSL provider? If it is from and internal CA then it might be the cert on your machine but that should be easy to correct. Just export the cert from a working machine and import it into yours.

Will.
0
 

Author Comment

by:tobe1424
ID: 40592104
it is an internal CA ..

i am not sure exactly where to find it. well. maybe its the correct one.. so i connected to a server. logged in using my lync account..

open cert mgr and navigate to personal - certificates -

in here i had saw the communicator ( lync i suppose) cert which i exported and then imported on my client pc.

Same error. however, I am not sure if the export/import is transpiring correctly. There is a private key associated however, I am not sure this is been imported
0
 

Author Comment

by:tobe1424
ID: 40592258
it seems like whoever created the certificate did not mark the private key as exportable.

So is my only choice to create a new one from scratch? how would I do this?

I would like to avoid messing with my profile seeing that it is 90GB
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40592598
You do not want to re-issue certs for Lync as you will need to re-publish the enitre topology. What is so hard about re-creating your profile?

- rename your profile to profilename.old
- login with your account, let it create a new profile
- test to ensure you can connect to Lync
- once this is verified copy your my docs/favs/desktop items to your new profile

Thats it

Will.
0
 

Author Comment

by:tobe1424
ID: 40593773
i will give it a shot
0
 

Author Comment

by:tobe1424
ID: 40594110
prior to renaming it to .old i created a local account on my PC ( not a domain account)

I logged in and tried to connect to lync and received the same message.  However, i am not sure if this has to do with the fact that I am not using an AD account or simply because the problem continues

Would reinstalling Lync be worth a shot?
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 40594193
It could in fact be the cert on your machine specifically, because the cert is located on the Computer Account personal store.

Although not testing with a domain account is not the best test. I would do this first.

Trying to least invasive methods first is always the best method to avoid more work so try to uninstall/reinstall.

But based on your testing on other machines it does appear to be machine related. You just have to figure out if it is Profile/Client/Cert/.

Will.
0
 

Author Comment

by:tobe1424
ID: 40594724
i complete reinstalled the application. Still no luck.

I noticed that I removed the cert from the personal store -  the one i imported from a server but that didn't work because the private key is not exportable.

Anyhow, when I try connect, a new cert isn't generated in the personal store.

For some reason i don't think my profile will be the fix.
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40596501
Couple of possibilities to try.

1.

Is the time and date correct on your PC? Is it sync'd with the domain?

2.

You said this only happens when from your PC. So I assume your account works fine from another PC. What happens when someone else logs into your PC? Do they get the cert error?

3.

Can you try removing your PC from the domain, rebooting, and adding your PC back to the domain?

4.

Do you have any static entries in your HOSTS file?
0
 

Author Comment

by:tobe1424
ID: 40598611
Thanks again for the input. No static hosts file entries. I haven't tested with someone elses account on my pc but..

I just remove the computer from the domain. I sysprepped it. joined the computer back to the domain.. same error

lync cert error
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40598637
Has this been tested on another machine?

Will.
0
 

Author Comment

by:tobe1424
ID: 40598651
i just fixed the issue. by desktop team pointed me to the correct CA Certs and I imported them in to my trusted root store.

all works fine now
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40598676
Glad that your issue is now resolved.

Will.
0
 

Author Comment

by:tobe1424
ID: 40598744
thanks will.

Yea it looks like I was missing the certs. However, I am not sure why it worked for some months before this error message. I will leave that as a mystery.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever visit a website where you spotted a really cool looking Font, yet couldn't figure out which font family it belonged to, or how to get a copy of it for your own use? This article explains the process of doing exactly that, as well as showing how…
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
The viewer will learn how to simulate a series of coin tosses with the rand() function and learn how to make these “tosses” depend on a predetermined probability. Flipping Coins in Excel: Enter =RAND() into cell A2: Recalculate the random variable…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question