Topic Last Modified: 2010-11-07
You need to install the root certification authority (CA) certificate on the server running Microsoft Forefront Threat Management Gateway 2010 for the CA infrastructure that issued the server certificates to the internal servers running Microsoft Lync Server 2010.
You also must install a public web server certificate on your reverse proxy server. This certificate’s subject alternative names should contain the published external fully qualified domain names (FQDNs) of each pool that is home to users enabled for remote access, and the external FQDNs of all Directors or Director pools that will be used within that Edge infrastructure. The subject alternative name must also contain the meeting simple URL, and the dial-in simple URL as shown in the following table.
| Value | Example | |||
|---|---|---|---|---|
|
Subject name |
Pool FQDN |
webext.contoso.com |
||
|
Subject alternative name |
Pool FQDN |
webext.contoso.com
|
||
|
Subject alternative name |
Meeting simple URL
|
meet.contoso.com |
||
|
Subject alternative name |
Dial-in simple URL |
dialin.contoso.com |
Important: Note: |
|---|
| If your internal deployment consists of more than one Standard Edition server or Front End pool, you must configure web publishing rules for each external web farm FQDN and you will either need a certificate and web listener for each, or you must obtain a certificate whose subject alternative name contains the names used by all of the pools, assign it to a web listener, and share it among multiple web publishing rules. |