Certificate imported but in OAuthTokenIssuer green check mark do not appear?
Hello my Customer have Install his certificate to the Lync 2013 Server certificate console when he import the default certificate it is work with a green checkmark. But when he import
OAuthTokenIssuer the check mark do not appear why?
-
Edited by
sdechene73
Wednesday, January 28, 2015 8:22 PM
January 28th, 2015 11:20pm
Also, if you click the assign button, do you see the certificate listed that you want? Ensure that the root certification authority is in the Trusted Root Certification Authorities section of the computer certificates storage, intermediates are in
the Intermediate Certification Authorities section, and that you can confirm the private key is installed.
February 2nd, 2015 10:01am
Ok now my costumer have these two certificate with a green check mark. But we have another problem when de Service Lync Server Front End start we got this error:
Lync Server machine FQDN cannot be located in the default certificate.
<u5:p> </u5:p>
Machine FQDN: 'E02SVSLYNCFE1.domain.ca'.
Cause: This is a configuration problem.
Resolution:
Make sure the default certificate matches the machine FQDN.
Any ideas?
February 2nd, 2015 10:52am
Was the certificate purchased from a Third-Party or issued from an Internal CA?
If you look at the certificate SAN list, the required entry: 'E02SVSLYNCFE1.domain.ca' is missing. If issued from a Third-Party, internal domains are no longer supported like .local. https://www.digicert.com/internal-names.h
February 2nd, 2015 11:39am
Hello my costumer tell me the OAuth certificate is an internal certificate ans the other is provide by GlobalSign.
February 2nd, 2015 11:48am
Expand the Default Certificate in the certificate wizard and assign the GlobalSign cert to only the Web Services External, select default and Web Services Internal and request a new certificate from the Internal Certificate Authority, install and
assign.
Or install the GlobalSign certificate on the Reverse Proxy and use an Internal CA cert for all of the services under default certificate.
February 2nd, 2015 12:00pm