In a previous Post I mentioned an issue that I had with a Certificate template on my Internal Enterprise CA not showing up when I tried to request a certificate.
Tag: Lync
Over the last week I have been working on a certificate issue with Lync 2013. This has effected mobile clients and remote Windows and Apple machines. After Checking the event log on my Lync Front End Server I discovered that I was getting event log errors like this:
And as you can tell from the next picture they were showing up pretty regularly.
So I started googling and I found a few articles online and discovered that this is a known issue that MS Support is aware of but has not permanent fix. They are only offering workarounds at this time. The first one that I found said that the problem is caused by .NET Framework 4.6 and 4.6.1 being installed at the same time and required adding a registry key of the Front End Server which looked like this:
[HKEY_LOCAL_MACHINESOFTWAREMicrosoft.NETFrameworkv4.0.30319]
“RequireCertificateEKUs”=dword:00000000
This actually made things worse as it doubled the amount of errors I was getting in the event log.
So I moved on to this lovely technet article I found which worked for me and after reading it I discovered why the first method did not work.
You see because I did not install Lync in the standard location (meaning the C: Drive) the registry key fix would not work. I actually ended up having to regenerate my internal certificates and modify my CA to issue a new certificate template which merges the Webserver Client and Server template.
I am not going to go into further detail on this as the above URL fixed my issue and has very good step by step instructions. I will however probably do a follow post on what happened when I tried to issue a certificate with that template the first time and what I had to do to fix that issue.