Certificate summary - Single Director in Lync Server 2013

 

Topic Last Modified: 2012-09-08

Certificate requirements for a single Director consist of a default certificate that has a subject name and subject alternative names for services that the Director can receive. Additionally, there is an OAuth Token certificate for server to server authentication purposes.

Certificates for Director

Component	Subject name (SN)	Subject alternative names (SAN)	Comments
Default	dir01.contoso.net	dir01.contoso.net dialin.contoso.com meet.contoso.com lyncdiscoverinternal.contoso.com lyncdiscover.contoso.com (Optionally) *.contoso.com	Director certificates can be requested from either an internally managed certification authority (CA) or from a public CA. The Director responds to requests from the reverse proxy in the perimeter or from the Edge Server. Internal clients will not use the Director. Or, a wildcard entry for the simple URLs
OAuthTokenIssuer	dir01.contoso.net	No Entry	Important Note that the minimum key length is 1024, but you may receive a warning that the minimum recommended key length is 2048 bits. The OAuthTokenIssuer certificate is a single-purpose certificate for the purpose of authenticating servers in a large-scale environment, and can be requested from an internal CA or from a public CA. The certificate is required.