Question:
How do I generate a CSR on Edge Server with Microsoft Lync 2010 Server ?
Answer:
If you require an SSL certificate to secure a domain hosted in an Edge Server,
you must first generate a Certificate Signing Request (CSR).
Do not use commas in any of the fields when creating your Certificate Signing Request (CSR). Commas are interpreted as the end of the field and will cause an invalid CSR to be generated.
Do not use any of the following characters in the Web server Distinguished Name: ! @ # $ % ^ * ( ) ~ ? > < & / \
To generate a new CSR:
1. Start > All Programs > Microsoft Lync Server 2010 > Lync Server Deployment Wizard
2. Select Install or Update Lync Server System
3. Click Run button on step 3 Request, Install or Assign Certificates
4. Select External Edge Certificate and click Request button
5. On certificate request window click next
6. Make sure the selection option is on Prepare the request now, but send it later. Click Next.
7. Give the name and place the location where you want to save your certificate signing request file. E.g.: c:\csr.txt
8. Click Next button on Specify Alternate Certificate Template window.
9. On Name and Security Settings window, enter your Friendly Name. e.g.: My Edge Server and make sure the bit length is 2048. Click Next to continue.
10. On Organization information window, type in your Organization and Organization Unit then click Next
11. On Geographical Information, please enter your Country, State and City. Click next to continue.
12. On Subject Name/Subject Alternate Name window, all the subject alternate names will auto populate. Click next to continue.
13. On SIP Domain Setting on Subject Alternate Names window, make sure the check box on sip domain being checked. Click next to continue.
14. On Configure Additional Subject Alternate Names window, you can add any additional SAN if needed and click next to continue
15. On Certificate Request Summary, please review and click next to continue.
16. Click next on the Executing Command window.
17. Click on the View button to open the CSR file and click Finish button to close the Certificate Request File window. You can also find the file on the allocated folder.
18. Copy the entries of CSR file and paste it to the online order screen on Entrust website or CMS.