Our Exchange 2010 Environment also sits on the resources test domain and linked accounts for those mailboxes sit on the alternate user domain. Some additional site configuration information to know about: Would this cause any issues once I've configured a Root CA on my resources test domain for users signing in attempting authentication? The other thing I will need to consider is that my Lync servers sit on the Resources Test domain however users sit on an alternate user domain that has trusts in place. Will need to work on configuring a Root CA. Yes Root CA is something I've considered but wanted to confirm if it is at all possible to configure the wildcard certificate in my scenario to start front end services. Record which is the domain name of the *.edu.au wildcard certificate.
Please also note that the lyncdiscoverinternal CNAME and sipinternalsTLS SRV record are configured to point to the .edu.au (Skype FE Pool) host Is it possible to configure internal clients to authenticate using the publicly trusted wildcard certificate? From what I can see the clients are looking at the certificate assigned to "Server default" which contains the self signed certificateĪnd not the "Web services internal" which contains the wild card certificate.
Self signed certificate for skype server 2015 install#
If I was to install this self signed certificate on a users workstation running the SFB client the authenication will work fine however this isn't the ideal method having to install the self signed cert on all user workstations. I'm able to start my front end pool successfully however the issue I'm then presented with is the internal SFB clients trying to authenticate are presented with a certificate error due to the self signed certificate .edu.au notīeing trusted. To the "Server Default" certificate for all front end servers and the wild card certificate *.edu.au is assigned to the "web services internal" and "web services external" certificates. I've managed to create a self signed certificate generated using OpenSSL for testing purposes eg .edu.au that contains the front end servers name (SANs: FEServerName.resourcestestDomainName).
Matching that of the wildcard certificate name eg *.edu.au). However the issue I'm having is when starting front end services I need to have the server default certificate configured for all front end servers which needs to contain the SANs of the front end server names (which is on our resources test domain and isn't This alternate DNS zone being used also contains the all the DNS records for the SFB environment eg skypepool, skypedir etc.Ī publicly trusted certificate was purchased which will be used for configuring external access eg mobility, this is a wild card certificate eg *.edu.au. The SFB infrastructure/servers is being configured in our resources test domain however an alternate DNS zone is being used for the SIP domain eg .edu.au.
Currently I'm in the process of configuring a Skype for Business Test Environment.
0 kommentar(er)
