[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 240
  • Last Modified:

Cannot sign into Lync with non domain windows 10 machine

Hi all, I'm trying to sign into my corporate Lync server using my non-domain surface pro 3 running windows 10. I have a regular dell windows 7 machine on domain that can. When logging in I get the error" There was a problem verifying the certificate". Event viewer has an error:

"Lync could not connect securely to server myserver.mydomain.local because the certificate presented by the server was not trusted due to validation error 0x80090325.  The issuing certificate authority (CA) for the server's certificate may not be locally trusted by the client, the certificate may be revoked, or the certificate may have expired."

I have tried exporting all related certificates from the working windows 7 machine and importing them onto my surface with no luck. Any other ideas?
0
Michael
Asked:
Michael
1 Solution
 
IvanSystem EngineerCommented:
Hi,

so it seams that your corporate Lync server is using certificate from internal CA?
Did you try to export root CA certificate from CA, and import into Trusted Root Certification Authority?
Do that manually, don't choose "automatically import into store" when you try importing, since sometimes it goes to wrong store.
If you have intermediate CA, import that cert into "Intermediate Cert.." store.

Confirme that those certs are in those stores.

Regards,
Ivan.
0
 
it_medcompCommented:
Are you the only one having the problem? I'd start there, because there are three possibilities mentioned: The CA is not trusted, the certificate may have been revoked, or the certificate may have expired. To really know without having to involve multiple people, you can visit testconnectivity.microsoft.com and run the connectivity test for SfB2015 or Lync 2013, depending on what is on your computer. The results will allow you to drill down and it will give detail about your certificate problem, then you can proceed from there. It's free and takes about 2 minutes.
0
 
MichaelAuthor Commented:
Guys thanks both. I solved it by taking a closer look at the certs. Although I was importing all the certs related to my company, I noticed most of the certs where issued by Entrust. On my domain machine I had a lot of certs for Entrust also which I didn't on my non domain machine. Importing those certs fixed the issue.

Thanks
0

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now