Topic Last Modified: 2010-07-19
Each Front End Server requires three certificates, a default certificate, a Web internal certificate, and a Web external certificate. For details about the certificate requirements, see Certificate Requirements for Internal Servers. Use the following procedure to configure the Front End Server certificates. Repeat the procedure for each Front End Server. The steps of this procedure describe how to configure a certificate from an Internal Enterprise Root certification authority (CA) deployed by your organization and with offline request processing. For information about obtaining certificates from an external CA, contact your IT department.
To configure certificates for a Front End Server
-
In the Communications Server 2010 (Beta Refresh) – Deployment Wizard, next to Step 3: Request, Install or Assign Certificates, click Run.
-
On the Certificate Wizard page, click Request.
-
On the Certificate Request page, click Next.
-
On the Delayed or Immediate Requests page, accept the default Send the request immediately option, and then click Next. The internal CA with automatic online enrollment must be available.
-
On the Choose a certificate Authority (CA) page, accept the default or select the applicable CA, and then click Next.
-
On the Certificate Authority Account page, optionally specify information, and then click Next.
-
On the Specify Alternate Certificate Template page, to use the default Web Server template, click Next.
-
On the Name and Security Settings page, optionally specify a Friendly Name, accept the remaining defaults, and then click Next. This name should contain a reference to the computer or pool. If you leave it blank, a name will be auto generated.
-
On the Organization Information page, optionally provide organization information, and then click Next.
-
On the Geographical Information page, optionally provide geographical information, and then click Next.
-
On the Subject Name / Subject Alternate Names page, review the subject alternative names (SANs) that will be added, and then click Next.
-
On the SIP Domain setting page, select the SIP Domain (optional), and then click Next.
-
On the Configure Additional Subject Alternate Names page, add any additional required subject alternative names, including any that you think might be required for additional SIP domains in the future, and then click Next.
-
On the Certificate Request Summary page, click Next.
-
On the Executing Commands page, click Next.
-
On the Online Certificate Request Status page, click Finish.
-
On the Certificate Assignment page, click Next. Optionally, you can view the certificate purpose by double-clicking the certificate in the list.
-
On the Certificate Assignment Summary page, click Next.
-
On the Executing Commands page, click Finish.
-
When finished, and on the Certificate Wizard page, click Close.