It’s been around 6 months since I’ve done a Lync deployment and maybe I’m just getting old but I totally forgot why the Process Pending Certificates option was grayed out in the Certificate Wizard when I was trying to process a request I issued from the Lync Edge server with the response I received from GoDaddy. Just in case I ever forget again in the future, I thought it would be good to write this post so I can have something to reference to in the future.
Problem
You need a certificate for your Microsoft Lync Server 2010 Edge server and have proceeded to generate the request from the Certificate Wizard:
Everything proceeds as you expect but after you receive your response from the public Certificate Authority, you notice that the Process Pending Certificates option in the Certificate Wizard is grayed out:
Solution
Those who are familiar with Microsoft OCS 2007 would remember that you would always get the option to process a certificate if you issued an offline request but in the case of Microsoft Lync Server 2010, what you need to do after you generate an offline request is to use the Certificates MMC snap-in to process the request.
Proceed with clicking on Start –> Run and type in mmc:
Add the Certificates snap-in for the Local Computer and then navigate to Certificates –> Personal –> Certificates:
Right click on the Certificates node and select All Tasks –> Import…:
Proceed through the wizard and import the response file from the issuing certificate authority:
… and that’s it. I really wished it was a bit more intuitive but I assume there’s a reason why Microsoft designed it this way. Note that you can only import the response once so if you find that you imported the response to the wrong store, you can’t simply re-import the response.
It’s also worth while to double click in the certificate to ensure that you don’t see the following message:
Windows does not have enough information to verify this certificate.
If you notice that this is displayed, import the issuing authority’s trust chain into your Trusted Root Certification Authority:
2 comments:
The only thing you have to do after requesting a certificate is to press the REFRESH button to get the process button to be active ;)
..that is when you're doing an ONLINE request. In your example you're doing an offline request. In that case the processing should be offline/manual as you described.
If you do an online request, Lync can handle the whole process from beginning to end. Including the import of certificates.
roman
Post a Comment