locked
OCS 2007 | "Problem with veryfing certs from server" RRS feed

  • Question

  • Hi all,

    I am having a problem with logging in perhaps you guys could point me in the right direction to fix it. I am trying to login to communicator outside my internal network (from home basically)

    when I'm at work I can login fine and everything works dandy

    when I go home, I try logging in and I get this error

    "There was a problem verifying the certificate from the server. Please contact your system administrator"

    In the event log I see this:


    Code Snippet

    Communicator could not connect securely to server sip.mydomain.ca because the certificate presented by the server did not match the expected hostname (sip.mydomain.ca).

     

    Resolution:
    If you are using manual configuration with an IP address or a NetBIOS shortened server name, a fully-qualified server name will be required. If you are using automatic configuration, the network administrator will need to make sure that the published server name in DNS is supported by the server certificate.

     

     

     

    I have the root CA for the cert authority I used in the computer (we used CACert to generate the server certs) and the client/server has both the revoke and root certs imported manually into the trustured root enterpise store.

    The way my OCS is deployed is fairly simple. We have no load balancer, just a single T1 line coming into the office. All we have is a firewall. Which is set to allow connections 5061 to our server. We have deployed all the OCS roles onto one server (conslidated server I guess)

     

    our dns server has both a A record for the
    pool name (livecomdb.domain.ca)
    sipexternal.domain.ca
    sip.domain.ca
    and SRV records for
    _sipextermal
    _sipexternaltls

     

    and the ip for all of those point to our T1 line...

     

    The computer I use at home and work are diffrent.

     

    Any reason for this error?

    Tuesday, April 15, 2008 2:14 PM

All replies

  • If you want to have remote access then you need to deploy an OCS EDGE Server.

    Your setup is not supported

     

    Tuesday, April 15, 2008 10:49 PM
  • Thank you sir.


    Wednesday, April 16, 2008 11:53 PM