Communicator Web Access and Office Communications Server 2007 R2 require certificates to ensure security. Communicator Web Access can use certificates that are issued by your existing PKI. You can use a certificate that is issued by either an internal CA or an external CA (also referred to as a public or third-party CA). For any external server, we recommend that you use a certificate issued by an external, public CA. A public CA is trusted by default by the Windows operating system and other popular client operating systems. Using a public CA will eliminate the security message on the client computer when the user accesses the Communicator Web Access site. In the case of Communicator Web Access, it typically should be behind a reverse proxy. The reverse proxy will carry the public CA certificate, while the Communicator Web Access server can use an internally generated certificate.

Using Certificates for Communicator Web Access

Communicator Web Access requires two certificates:

  • An MTLS certificate for communication with the Office Communications Server 2007 R2 Front End

  • An HTTPS/SSL certificate for client communication

In both cases, you can use a certificate that is issued by either a Microsoft internal CA or a third-party CA.