Lync Server 2013 中的憑證摘要-調整式 Director 集區(硬體負載平衡器)Certificate summary - Scaled Director pool, hardware load balancer in Lync Server 2013

 

主題上次修改日期: 2012-10-20Topic Last Modified: 2012-10-20

具有硬體負載平衡器之 Director 的憑證需求,會針對 Director 集區可以接收的服務,使用具有主體名稱和主體替代名稱的預設憑證。Certificate requirements for a Director with a hardware load balancer will use a default certificate that has a subject name and subject alternative names for services that the Director pool can receive. 集區中的每個 Director 要求憑證。A certificate is requested for each Director in the pool. 此外,每部伺服器上還會安裝針對伺服器對伺服器驗證使用的 OAuth Token 憑證。Additionally there is an OAuth Token certificate for server to server authentication purposes that is installed on each server.

使用硬體負載平衡器的調整式 Director 的憑證Certificates for a Scaled Director Using a Hardware Load Balancer

元件Component 主體名稱 (SN)Subject name (SN) 主體替代名稱 (SAN)Subject alternative names (SAN) 註解Comments

預設Default

dirpool01.contoso.netdirpool01.contoso.net

dirpool01.contoso.netdirpool01.contoso.net

dir01.contoso.netdir01.contoso.net

dialin.contoso.comdialin.contoso.com

meet.contoso.commeet.contoso.com

lyncdiscoverinternal.contoso.comlyncdiscoverinternal.contoso.com

lyncdiscover.contoso.comlyncdiscover.contoso.com

(選用) \*.contoso.com(Optionally) \*.contoso.com

Director 憑證可以從內部管理的憑證授權單位單位 (CA) 或公用 CA 要求。Director certificates can be requested from either an internally managed certification authority (CA) or from a public CA.

Director 會從周邊或 Edge Server 的反向 proxy 回應要求。The Director responds to requests from the reverse proxy in the perimeter or from the Edge Server.

或是簡單 URL 的萬用字元項目Or, a wildcard entry for the simple URLs

OAuthTokenIssuerOAuthTokenIssuer

dir01.contoso.netdir01.contoso.net

無項目No Entry

重要

請注意,雖然最小金鑰長度是 1024,但是您可能會收到警告表示建議最小金鑰長度為 2048 位元。Note that the minimum key length is 1024, but you may receive a warning that the minimum recommended key length is 2048 bits.

OAuthTokenIssuer 憑證是單一目的憑證,用於驗證大規模環境中的伺服器,且可向內部 CA 或公用 CA 要求。此憑證為必要。The OAuthTokenIssuer certificate is a single-purpose certificate for the purpose of authenticating servers in a large-scale environment, and can be requested from an internal CA or from a public CA. The certificate is required.