When planning for the deployment of certificates in an Office Communications Server (OCS) Pool, you should pay special attention to the use of the SAN (Subject Alternate Name) fields. There is no mention when deploying external web conferencing that you must include the FQDN of each FE server in the SAN field of the OCS Pool cert.
This is because the access edge servers connect directly to the FQDNs of the OCS FE servers when external users join a meeting. The OCS R2 Enterprise Edition Deployment Guide indicates that SAN fields are only required for multiple SIP domains.
In the recently released Microsoft Certificate deployment document, it states that wildcards are allowed in the SAN fields of OCS Pool certs. The truth is that if you are supporting web conferencing from the public internet then your OCS pool certificate must contain in the SAN fields the FQDNs of each FE server. If you use wildcards in the SAN fields, the OCS services won't even start.
Dig Deeper on Unified Communications Integration and Interoperability
Related Q&A from Hugh Marlor -- Retired Expert
Many users want to know if Lync 2010 can coexist with previous Microsoft UC clients Live Communications Server and Office Communications Server. ...continue reading
Integration and collaboration expert Hugh Marlor explains how to avoid the Windows 2008 issue of encountering a "presence unknown" display when ...continue reading
When testing our media gateway configurations for OCS 2007 R2 for inbound and outbound calling to/fr
Unified communications integration and collaboration thought leader Hugh Marlor helps troubleshoot an error in Office Communications Server 2007 R2 ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.