Solved

Cannot sign into Lync with non domain windows 10 machine

Posted on 2016-08-30
3
115 Views
Last Modified: 2016-11-22
Hi all, I'm trying to sign into my corporate Lync server using my non-domain surface pro 3 running windows 10. I have a regular dell windows 7 machine on domain that can. When logging in I get the error" There was a problem verifying the certificate". Event viewer has an error:

"Lync could not connect securely to server myserver.mydomain.local because the certificate presented by the server was not trusted due to validation error 0x80090325.  The issuing certificate authority (CA) for the server's certificate may not be locally trusted by the client, the certificate may be revoked, or the certificate may have expired."

I have tried exporting all related certificates from the working windows 7 machine and importing them onto my surface with no luck. Any other ideas?
0
Comment
Question by:Michael
3 Comments
 
LVL 16

Accepted Solution

by:
Ivan earned 500 total points
ID: 41776168
Hi,

so it seams that your corporate Lync server is using certificate from internal CA?
Did you try to export root CA certificate from CA, and import into Trusted Root Certification Authority?
Do that manually, don't choose "automatically import into store" when you try importing, since sometimes it goes to wrong store.
If you have intermediate CA, import that cert into "Intermediate Cert.." store.

Confirme that those certs are in those stores.

Regards,
Ivan.
0
 
LVL 1

Expert Comment

by:it_medcomp
ID: 41776222
Are you the only one having the problem? I'd start there, because there are three possibilities mentioned: The CA is not trusted, the certificate may have been revoked, or the certificate may have expired. To really know without having to involve multiple people, you can visit testconnectivity.microsoft.com and run the connectivity test for SfB2015 or Lync 2013, depending on what is on your computer. The results will allow you to drill down and it will give detail about your certificate problem, then you can proceed from there. It's free and takes about 2 minutes.
0
 
LVL 1

Author Closing Comment

by:Michael
ID: 41779180
Guys thanks both. I solved it by taking a closer look at the certs. Although I was importing all the certs related to my company, I noticed most of the certs where issued by Entrust. On my domain machine I had a lot of certs for Entrust also which I didn't on my non domain machine. Importing those certs fixed the issue.

Thanks
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
Having trouble getting your hands on Dynamics 365 Field Service or Project Service trial? Worry No More!!!
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question