cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Exchange UM Certificate Confusion

Craig Unterborn
Copper Contributor

‎Oct 16 2017 08:20 AM - edited ‎Oct 17 2017 05:36 AM

‎Oct 16 2017 08:20 AM - edited ‎Oct 17 2017 05:36 AM

Exchange UM Certificate Confusion

We currently have Exchange 2010 & 2016 with Lync Server 2013.  Right now, we have Exchange 2010 UM setup as a single-role-server.  The UM server uses a self-signed certificate and Lync only works with UM if we imported this self-signed certificate onto each Lync FE server.  Our Exchange & Lync environments uses separate 3rd party Digicert certificates.

 

As we're deploying Exchange 2016 (with all roles on it), we'd like to avoid having to import multiple certificates onto each Lync server and avoid using Self-signed. From what I have been reading, it says you need to have the FQDN of each UM server in the SAN certificate including any of the DNS names that Lync uses.  Our current Exchange certificate is used for every service internally and externally and same goes for Lync, respectively.  We'd like to not have to purchase another certificate that only has the FQDNs of each Exchange server nor have to put the FQDNs in one of the current certificates.  Any suggestions?

 

I hope that makes sense. Thanks for your help in advance.

1,783 Views
0 Likes
1 Reply
Reply
1 Reply
Paul Bloem

‎Jun 04 2019 10:21 AM

‎Jun 04 2019 10:21 AM

Re: Exchange UM Certificate Confusion

Hi @Craig Unterborn, what I usually do in ensure that the FQDN of the server hosting the UM service is present in the SAN entry of the Exchange cert. Then simply assign the cert to the UM services. Since all the Lync\Skype servers trust the issuing authority they will in turn trust the UM services.

Let us know how you progress.

0 Likes
Reply