Search This Blog

Friday, September 23, 2011

Certificate Chain is Invalid / Problem Deploying Lync Server 2010

Hello Everybody,

SomeTimes While Deploying Microsoft Lync Server 2010 , when it comes to Requesting and Assigning Certificate for the Lync Services It will Fail with the Following Error:

A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. (Exception from HRESULT: 0x800B0109)

To solve this Error you will need to Download the Certificate chain from your Certificate Authority , and install it in the Lync FE .

How To Do That Step - by - Step:
  • Open An Internet Explorer at the Lync FE server ( the One You Are Running the Installation Wizard on it).
  • Write the URL of the Certificate Authority Server e.g. ( Http://ca.contoso.com/contoso-ca)
  • Click on "Download a CA Certificate, Certificate Chain, or CRL"
  • In the next Page click on "Download  CA Certificate Chain"
  • Click Save and save the Cert. to the Desktop.
  • now you will need to import, Click Start, Run and type MMC.
  • Press Ctrl+M
  • From the Left Menu Double Click "Certificates"
  • From the Certificate Snap-in Window, Select "Computer Account" and Click Finish
  • Click Ok
  • Now Expand the Certificates Menu and double Click "Trusted Root Certificate Authorities"
  • Right Click Certificates >> All Tasks >> Import

  • In the Import Certificate Wizard Welcome Page Click Next

  • Browse to the Desktop and select the downloaded Certificate ( make sure that file Type is All Files)
  • Click Next
  • Click Next
  • Click Finish
By this You had imported the Certificate and try now to re-request the certificate for Lync Services in the Deployment Wizard and it will NOT fail .

if these Steps werent Clear Enough for you , please use the Following Link

1 comment:

  1. GOt the same issue, for my case i rebooted the lync 2013 server and i was able to finalize the certificate assignments.

    ReplyDelete