Certificate summary - Single Director in Lync Server 2013
Topic Last Modified: 2012-09-08
Certificate requirements for a single Director consist of a default certificate that has a subject name and subject alternative names for services that the Director can receive. Additionally, there is an OAuth Token certificate for server to server authentication purposes.
Certificates for Director
Component | Subject name (SN) | Subject alternative names (SAN) | Comments |
---|---|---|---|
Default |
dir01.contoso.net |
dir01.contoso.net dialin.contoso.com meet.contoso.com lyncdiscoverinternal.contoso.com lyncdiscover.contoso.com (Optionally) *.contoso.com |
Director certificates can be requested from either an internally managed certification authority (CA) or from a public CA. The Director responds to requests from the reverse proxy in the perimeter or from the Edge Server. Internal clients will not use the Director. Or, a wildcard entry for the simple URLs |
OAuthTokenIssuer |
dir01.contoso.net |
No Entry |
Important Note that the minimum key length is 1024, but you may receive a warning that the minimum recommended key length is 2048 bits. The OAuthTokenIssuer certificate is a single-purpose certificate for the purpose of authenticating servers in a large-scale environment, and can be requested from an internal CA or from a public CA. The certificate is required. |