Comments on: Communicator 2007 Certificate Error http://www.leedesmond.com/weblog/?p=317 security, unified communications, PowerShell, virtualization // snowboarding, scuba diving Wed, 08 Sep 2010 00:45:12 +0000 http://wordpress.org/?v=2.2.2 By: webmaster http://www.leedesmond.com/weblog/?p=317#comment-271531 webmaster Mon, 17 Aug 2009 13:16:35 +0000 http://www.leedesmond.com/weblog/?p=317#comment-271531 iconoclast88, Sorry for the late reply. To make life easier, you should consider procuring Unified Communications certificates that are specifically certified (or designed) to work with Exchange 2007/2010 or OCS 2007 R2. As you have discovered, Subject Alternate Name (SAN) is one of those tricky fields that must be properly setup in addition to the normal Subject Name (CN). How did you configure your digital certificate when you purchased it from your provider (godaddy)? The process should not be very different from a certificate request step (using the built-in OCS Wizard) if you have your own internal CA, such as Windows Server 2003 or 2008. iconoclast88,

Sorry for the late reply.

To make life easier, you should consider procuring Unified Communications certificates that are specifically certified (or designed) to work with Exchange 2007/2010 or OCS 2007 R2. As you have discovered, Subject Alternate Name (SAN) is one of those tricky fields that must be properly setup in addition to the normal Subject Name (CN).

How did you configure your digital certificate when you purchased it from your provider (godaddy)? The process should not be very different from a certificate request step (using the built-in OCS Wizard) if you have your own internal CA, such as Windows Server 2003 or 2008.

]]> By: iconoclast88 http://www.leedesmond.com/weblog/?p=317#comment-250281 iconoclast88 Thu, 02 Jul 2009 19:06:40 +0000 http://www.leedesmond.com/weblog/?p=317#comment-250281 Lee, I've done this, and still I get the same message. I'm beginning to think something's wrong with my cert. I'm,using a public trusted CA, godaddy normal, simple cert for internal OCS 2007 r2. I only have 1 enterprise server in my pool. one sip. domain.com domain is same internally and externally - domain.com godaddy cert is for the fqdn of the pool. The only thing that makes me think the cert won't work is that during ocs cert setup it asks for a subject alternate name for the SIP. Can a normal cert do this? I don't have a UCC for this, but i thought i didn't need one for the internal. I do not have an internal CA setup. Josh Lee,

I’ve done this, and still I get the same message. I’m beginning to think something’s wrong with my cert. I’m,using a public trusted CA, godaddy normal, simple cert for internal OCS 2007 r2. I only have 1 enterprise server in my pool.

one sip. domain.com
domain is same internally and externally - domain.com

godaddy cert is for the fqdn of the pool.

The only thing that makes me think the cert won’t work is that during ocs cert setup it asks for a subject alternate name for the SIP. Can a normal cert do this? I don’t have a UCC for this, but i thought i didn’t need one for the internal.

I do not have an internal CA setup.

Josh

]]>