Communicator Web Access (2007 R2 release) uses two different protocols – mutual TLS (MTLS) and Secure Sockets Layer (SSL) – to carry out its appointed tasks. MTLS is a protocol that provides secure communication between two computers. MTLS is used to authenticate connections between Communicator Web Access and Office Communications Server 2007 R2.

Although Communicator Web Access uses two different protocols, you can typically install a single certificate; in most cases the same certificate can be used for both MTLS and SSL. The MTLS certificate is assigned when you activate Communicator Web Access, while the SSL certificate is assigned each time you create a virtual server. If you have just one Communicator Web Access server, you can use a single certificate as long as that certificate meets the following criteria:

Subject name: Matches the URL of the Communicator Web Access site.

Subject Alternate Name (SAN): Includes the following:

- The URL of the Communicator Web Access site
- The asURL
- The downloadURL
- The host server FQDN
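One way to check an installed certificate against the criteria above, as an added PowerShell example that is not part of the original documentation. The function name, parameter names and host names are hypothetical, and the asURL and downloadURL values are assumed to be supplied by the administrator.

```powershell
# Added example. Function and parameter names are hypothetical.
function Test-CwaCertificateNames {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [Parameter(Mandatory)][string]$SiteUrl,
        [Parameter(Mandatory)][string]$AsUrl,
        [Parameter(Mandatory)][string]$DownloadUrl,
        [Parameter(Mandatory)][string]$HostFqdn
    )

    # Reduce a URL (or a bare host name) to the lower-case host name a certificate carries.
    $toHost = {
        param($value)
        if ($value -match '^[a-z][a-z0-9+.-]*://') { $value = ([uri]$value).Host }
        $value.ToLowerInvariant()
    }

    # Subject common name.
    $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
    $subject = $Certificate.GetNameInfo($nameType, $false).ToLowerInvariant()

    # SAN extension (OID 2.5.29.17). Format() renders DNS entries as "DNS Name=<host>" on Windows.
    $sanNames = @()
    $sanExt = $Certificate.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    if ($sanExt) {
        $sanNames = @([regex]::Matches($sanExt.Format($true), 'DNS Name=([^\s,]+)') |
            ForEach-Object { $_.Groups[1].Value.ToLowerInvariant() })
    }

    $siteHost = & $toHost $SiteUrl
    [pscustomobject]@{ Check = 'Subject name matches site URL'; Name = $siteHost
                       Pass = ($subject -eq $siteHost) }

    # Each required name must appear in the SAN (exact match; wildcards are not evaluated).
    $required = [ordered]@{
        'site URL' = $siteHost; 'asURL' = (& $toHost $AsUrl)
        'downloadURL' = (& $toHost $DownloadUrl); 'host server FQDN' = (& $toHost $HostFqdn)
    }
    foreach ($entry in $required.GetEnumerator()) {
        [pscustomobject]@{ Check = "SAN includes $($entry.Key)"; Name = $entry.Value
                           Pass = ($sanNames -contains $entry.Value) }
    }
}

# Constructed usage; the thumbprint and host names are placeholders.
# $cert = Get-Item 'Cert:\LocalMachine\My\<thumbprint>'
# Test-CwaCertificateNames -Certificate $cert -SiteUrl 'https://im.example.com' `
#     -AsUrl 'https://as.example.com' -DownloadUrl 'https://download.example.com' `
#     -HostFqdn 'cwa01.corp.example.com'
```

Any row with Pass set to False names a host that clients or Office Communications Server would fail to validate against this certificate.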

Typically, users who are outside of the Active Directory domain will access the Communicator Web Access server. Therefore, it is desirable to have a public certification authority (CA) issue the certificate that is placed on the Communicator Web Access virtual server. In this section, complete the following procedures:

For additional details about preparing certificates, see Preparing Certificates for Communicator Web Access in the Deploying Communicator Web Access (2007 R2 Release) documentation.