Jan 31 2019 05:41 AM
Hello.
This is fresh Skype for Business 2015 on-premises installation used internally only. Certificates are generated by the enterprise CA. Everything works fine too except joining a meeting with the desktop app: We couldn't join you to the meeting because the security certificate isn't trusted. This message cannot be suppressed. Eventually we will want to make it available from outside and we don't want that error then of course.
The problem is that we don't know what kind of certificate to buy, really, because it's quite complicated: 1 forest acme.world with 20 child domains, e.g. a.acme.world, c.acme.world, d.acme.world, e.acme.world, f.acme.world, etc. Externally, the address would be acme.com (we have a wildcard certificate for this). To make things more complicated, there are about 25 different SIP domains (acmesa.fr, acmegmbh.de, acmesrl.it, acmenv.be ....) too. Right now the server itself is called something like skype123.acme.world and in DNS it has an fe.acme.com alias.
Suggestions on making certificates work properly are welcome. Thank you in advance.
Jan 31 2019 10:28 AM