#Lync Question 35: What certificate providers can I use with Lync

It is generally recommended that supported Unified Communications Certificate Partner public CA is used for all public certificates Lync Server 2013:

Unified Communications Certificate Partners
http://support.microsoft.com/kb/929395

Also if your running Lync Phone Edition you should be mindful of the public trusted certificates installed by default:

Certificates for Lync Phone Edition
http://technet.microsoft.com/en-us/library/gg398270(v=ocs.14).aspx

A number of certificate providers are transitioning to the SHA-2 cryptographic hash functions which allow greater levels of encryption. I experienced this recently with a GoDaddy certificate reissue (whereby I needed to change the existing certificate) this causing federation issues with some organisations but not others as the new root certificate wasn’t as widely installed as Edge server are typically on restricted networks and thus might not be getting the root certificate update from Microsoft.

This came into effect with Go Daddy 23 December 2013 and is why there is now a new root certificates (‘Go Daddy Class 2 Certification Authority Root Certificate – G2’).  It is possible (at the moment) via changing the ‘signature algorithm’ during the CSR submission to still do a 2 year certificate using the older root certificate and chain. (See below)

GoDaddy-CSR

What I will say however Microsoft themselves as well as Office 365 use Cybertrust

O365cert

So does it matter? Well as long as the computer/device trusted the certificate it should not, although I like others have had certificates issued with previously OCS/Lync deployment from both the UCC partners or other providers not listed.

And Lync is all about certificates…………….

REFERENCES:

Information About Requiring the SHA-2 Hash Function’ may be helpful to you.
http://support.godaddy.com/help/article/4818?locale=en&ci=46061

Advertisements

2 thoughts on “#Lync Question 35: What certificate providers can I use with Lync

  1. Pingback: #Lync Question 35: What certificate providers can I use with Lync | ariprotheroe | JC's Blog-O-Gibberish

  2. We had the same issue with the GoDaddy G2 CA certificate. Once installed it broke our ability to transfer to UM in Exchange online. Lync federation to Office 365 seemed to still work. We asked them to reissue using the older CA to resolve the issue.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s