Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
UM certificate requirement? RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    I've heard conflicting things.  Some people say that for UM to work, the servername can be ANYWHERE in the certificate. 

    For example:
    CN = mail.domain.com
    SAN = mail.domain.com
    SAN = servername.domain.com
    SAN = autodiscover.domain.com

    On the other hand, I've heard people say for UM to OCS integration to work, the servername has to be either the CN or the 1st SAN.

    For example:
    CN = servername.domain.com
    SAN = servername.domain.com
    SAN = mail.domain.com
    SAN = autodiscover.domain.com

    Can anyone who has actually done this please let me know whether you actually NEED the servername FQDN listed in the CN and 1st SAN for it to work with OCS integration or can you have it anywhere in the certificate.

    Thanks.


    Saturday, May 17, 2008 1:46 AM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    SAN should not be a problem

    Tuesday, May 20, 2008 11:15 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Additoinally, what you've heard about the certificates requiring the Subject Name to match the first entry in the Subject Alternative Name field may have been in relation to ISA 2006 (and not OCS), which currently has that limitation.
    Wednesday, May 21, 2008 1:07 AM
    Moderator