[This is pre-release documentation and subject to change in future releases. This topic's current status is: Milestone-Ready]

Topic Last Modified: 2010-07-17

Your Edge Server deployment requires a single public certificate for the external interfaces of Edge Servers, which is used for the Access Edge service, the Web Conferencing edge service, and for A/V authentication. The reverse proxy (such as for use with ISA Server 2006 or TMG 2010) also requires a public certificate. Although you may also choose to use a public CA for the internal edge certificate, we recommend using an internal Enterprise CA for those other certificates instead in order to help minimize the cost of certificates. For a summary of certificate requirements for Edge Servers, see Certificate Requirements for External User Access. For information about using an internal Enterprise CA to obtain the internal edge and A/V authentication certificates, see Request Certificates from an Internal Enterprise CA.

When you install an Edge Server, setup includes a certificate wizard that facilitates the tasks of requesting, assigning, and installing certificates, as described in the Set Up Edge Certificates section. If you want to request certificates prior to installing an Edge Server (such as to save time during actual deployment of Edge components), you can do so using internal servers as long as you ensure that the certificates are exportable and contain all the required SAN names. This documentation does not provide procedures for using internal servers to request certificates.