Purpose:
SSL/TLS certificate installation guide
For Microsoft Lync 2010
Skip to Installation.
Before you begin...
-
Never share private key files.
-
If you plan on using the same certificate on multiple servers always transfer the private key using a secure method ( e-mail is not considered a secure method of transfer ).
-
Make sure you run the SSL Server Test at the end of the installation process to check your certificate configuration against SSL/TLS Best Practices.
-
For more information on SSL/TLS Best Practices, click here .
Installing your Entrust SSL/TLS Certificate on Microsoft Lync 2010
1. Click the
Download
button in the pickup wizard to download your certificate files. Clicking the download button will produce a zip file that includes your Server Certificate, the Entrust chain/intermediate certificates(s) and the Entrust Root certificate. Extract the files from the zip file.
2. On the server, go to
Start > Run > type MMC and hit enter.
3. Click
File > Add Remove Snap-in.
4. Select
Certificates
and click
Add.
5. Select
Local Computer
and click
Finish.
6. Click
Close.
7. Expand
Certificates
on the left hand side of the console window.
8. Expand the
Trusted Root Certification Authorities
folder and click on the
Certificates
sub-folder.
9.
Important:
Check the list of Trusted Root Certificates to see if there is a root labeled
Entrust Root Certification Authority - G2.
If this root is present, delete the root from the list. You will install another root certificate and chain your certificate to that root to provide backwards compatibility with older devices that do not include the newer Entrust SHA-2 root certificate.
10. Right click on the
Certificates
sub-folder under
Trusted Root Certification Authorities
and select
All Tasks > Import.
11. In the import wizard, browse to the
Root.crt
file downloaded in step 1 and complete the wizard.
12. In the MMC console, expand the
Intermediate Certification Authorities
folder. Right click on the
Certificates
sub-folder and select
All Tasks > Import
.
13. In the import wizard, browse to the
Intermediate1.crt
file downloaded in step 1 and complete the wizard.
14. Right click on the
Certificates
sub-folder under
Intermediate Certification Authorities and select
All Tasks > Import
.
15. In the import wizard, browse to the
Intermediate2.crt
file downloaded in step 1 and complete the wizard to complete the certificate chain setup process. You should see your Entrust Intermediate certificates listed in the Intermediate Certification Authorities folder. You are now ready to install your signed server certificate.
16. Click on
Start > All Programs > Microsoft Lync Server 2010 > Lync Server Deployment Wizard.
17. Select
Install or Update Lync Server.
18.Click
Run
in the step 3 section.
19. Select
External Edge certificate
and click the
Import certificate
button.
20. In the
Import Certificate
window, browse to the location of the
ServerCertificate.crt
file that was downloaded in step 1 and click
Next.
21. Click
Next
in the
Import Certificate Summary
window.
22. In the
Executing Commands
window, make sure the task status is complete and click
Finish.
If you have any questions or concerns please contact the
Entrust Certificate Services Support
department for further assistance:
Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see the list below)
NOTE:
It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.
Country | Number |
Australia |
0011 - 800-3687-7863
1-800-767-513 |
Austria | 00 - 800-3687-7863 |
Belgium | 00 - 800-3687-7863 |
Denmark | 00 - 800-3687-7863 |
Finland |
990 - 800-3687-7863 (Telecom Finland)
00 - 800-3687-7863 (Finnet) |
France | 00 - 800-3687-7863 |
Germany | 00 - 800-3687-7863 |
Hong Kong |
001 - 800-3687-7863 (Voice)
002 - 800-3687-7863 (Fax) |
Ireland | 00 - 800-3687-7863 |
Israel | 014 - 800-3687-7863 |
Italy | 00 - 800-3687-7863 |
Japan |
001 - 800-3687-7863 (KDD)
004 - 800-3687-7863 (ITJ) 0061 - 800-3687-7863 (IDC) |
Korea |
001 - 800-3687-7863 (Korea Telecom)
002 - 800-3687-7863 (Dacom) |
Malaysia | 00 - 800-3687-7863 |
Netherlands | 00 - 800-3687-7863 |
New Zealand |
00 - 800-3687-7863
0800-4413101 |
Norway | 00 - 800-3687-7863 |
Singapore | 001 - 800-3687-7863 |
Spain | 00 - 800-3687-7863 |
Sweden |
00 - 800-3687-7863 (Telia)
00 - 800-3687-7863 (Tele2) |
Switzerland | 00 - 800-3687-7863 |
Taiwan | 00 - 800-3687-7863 |
United Kingdom |
00 - 800-3687-7863
0800 121 6078 +44 (0) 118 953 3088 |
23. In the
Certificate Wizard
, select the
External Edge certificate
and click
Assign.
24. Click
Next
in the
Certificate Assignment
window.
25. In the
Certificate Store
window, click the
View Certificate Details
button to view the confirm that you have select the right server certificate. Once you have confirmed, click
Next
.
26. In the
Certificate Assignment
window, wait until the task is completed and click
Finish
to complete the certificate installation process.