Solved

Cannot sign into Lync with non domain windows 10 machine

Posted on 2016-08-30
3
55 Views
Last Modified: 2016-11-22
Hi all, I'm trying to sign into my corporate Lync server using my non-domain surface pro 3 running windows 10. I have a regular dell windows 7 machine on domain that can. When logging in I get the error" There was a problem verifying the certificate". Event viewer has an error:

"Lync could not connect securely to server myserver.mydomain.local because the certificate presented by the server was not trusted due to validation error 0x80090325.  The issuing certificate authority (CA) for the server's certificate may not be locally trusted by the client, the certificate may be revoked, or the certificate may have expired."

I have tried exporting all related certificates from the working windows 7 machine and importing them onto my surface with no luck. Any other ideas?
0
Comment
Question by:Michael
3 Comments
 
LVL 15

Accepted Solution

by:
Ivan earned 500 total points
ID: 41776168
Hi,

so it seams that your corporate Lync server is using certificate from internal CA?
Did you try to export root CA certificate from CA, and import into Trusted Root Certification Authority?
Do that manually, don't choose "automatically import into store" when you try importing, since sometimes it goes to wrong store.
If you have intermediate CA, import that cert into "Intermediate Cert.." store.

Confirme that those certs are in those stores.

Regards,
Ivan.
0
 
LVL 1

Expert Comment

by:it_medcomp
ID: 41776222
Are you the only one having the problem? I'd start there, because there are three possibilities mentioned: The CA is not trusted, the certificate may have been revoked, or the certificate may have expired. To really know without having to involve multiple people, you can visit testconnectivity.microsoft.com and run the connectivity test for SfB2015 or Lync 2013, depending on what is on your computer. The results will allow you to drill down and it will give detail about your certificate problem, then you can proceed from there. It's free and takes about 2 minutes.
0
 
LVL 1

Author Closing Comment

by:Michael
ID: 41779180
Guys thanks both. I solved it by taking a closer look at the certs. Although I was importing all the certs related to my company, I noticed most of the certs where issued by Entrust. On my domain machine I had a lot of certs for Entrust also which I didn't on my non domain machine. Importing those certs fixed the issue.

Thanks
0

Join & Write a Comment

This article explains how to prepare an HTML email signature template file containing dynamic placeholders for users' Azure AD data. Furthermore, it explains how to use this file to remotely set up a department-wide email signature policy in Office …
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now