ermcenter.com

Home > Event Id > The Certificate Received From The Remote Server Does Not Contain The Expected Name Lync

The Certificate Received From The Remote Server Does Not Contain The Expected Name Lync

Contents

From what you have said it sounds like this should beaccess.domain.net:5061 Double check that and let me know.Andrew Morpeth Lync Server Specialist - Auckland, NZ Blog - http://www.lync.geek.nz Twitter @AndrewMorpeth

Monday, Click here to cancel reply. Not the answer you're looking for? If you use manual discovery in the Lync client to access.domain.net:443 do you get the same result. http://ermcenter.com/event-id/an-tls-1-2-connection-request-was-received-from-a-remote-client-application-but-none-of-the-cipher.html

Those event log errors are on the front end or edge? tls lync-2013 share|improve this question edited Nov 7 '12 at 6:42 chutz 5,1961442 asked Nov 5 '12 at 5:15 TomTom 42.4k433103 According to social.technet.microsoft.com/Forums/en-US/winserversecurity/‌… , it maybe problem cause No: The information was not helpful / Partially helpful. Jump down to Matthias Aevermann post and start from there. –John Siu Nov 8 '12 at 5:14 That would be nice if it would not be: *Svr2012 and Windows

The Certificate Received From The Remote Server Does Not Contain The Expected Name Lync

Over the past 25 minutes, Lync Server has experienced TLS outgoing connection failures 2 time(s). Hope this helps work through our setup. Another consultant had installed a CA for the company in preparation for Lync. To Resolve this issue do the following: On the Lync 2013 server open the registry and browse to the following location: HKLM\System\CurrentControlSet\SecurityProviders\SChannel\Protocols Create the following Key under Protocol: TLS 1.2 Create

x 39 EventID.Net ME814662 provides information on this event. It seems like the Front End Pool doesn't recognize the Edge Server or the CNAME/Alias from access.domain.net to lync02.domain.local - these are all set and working? Regardless, this just goes to show that even if a workaround provided by Microsoft themselves might solve an issue, it doesn't necessarily mean its the right way to do it. Checking the System log on the local server where the tool was executed should report an Schannel error explaining why the previous test connection failed.

I Quote: I have been working with Microsoft for a couple of weeks on this and we have identified a workaround that resolves the issue. Think we are getting pretty close, I will test again now and see if the error is still appearing and go from there. The LDAP client stores the node's canonical name into the alias field. http://blog.schertz.name/2014/10/msturnping-bug/ The SSL connection request has failed.

Monday, February 03, 2014 12:50 PM Reply | Quote 0 Sign in to vote The certificate seems to be configured OK. Tuesday, February 04, 2014 5:56 AM Reply | Quote 0 Sign in to vote Also here are the Edge Pool Settings from the Topology Builder; General Internal server FQDN: lync02.domain.local Internal Alex. This will stop the schannel errors in the Windows logs.

The Following Fatal Alert Was Generated: 43. The Internal Error State Is 552.

If external this would beaccess.domain.net if your SRV's are resolving correctly. https://support.symantec.com/en_US/article.TECH217817.html Are you using a DMZ?Andrew Morpeth Lync Server Specialist - Auckland, NZ Blog - http://www.lync.geek.nz Twitter @AndrewMorpeth

Thursday, February 06, 2014 6:42 PM Reply | Quote 0 Sign in to vote The Certificate Received From The Remote Server Does Not Contain The Expected Name Lync Lync 2013 will use lync discover as a preference over SRV records. Kb2275950 There is no clear documentation how to handle it - it is related to SOME SORT of TLS encryption issues, but Windows does not even like to tell what.

wizard. his comment is here So just to confirm you’re above info on my servers; Front End Server (2 Certs) 1.) Default certificate – Location: Local Subject Name: CN = lync01.domain.local Subject Alternative Name: Any help would be great, thank you! We reissued the root certificate using SHA256, and installed new certificates on the Lync front-ends using this hash algorithm. Event 36888 Schannel

This link (http://support.microsoft.com/kb/2275950)speaks directly about Server 2008R2/W7, I am running Server 2012R2, which this Hot-fix doesn't apply too? The SSL connection request has failed. The SSL connection request has failed. this contact form If you current internal SRV's and lync discovery records are pointing to Lync 2010 this shouldn't a problem as a Lync 2013 user should be redirected to Lync 2013 pool.

There are other SAN's used in a deployment but these are minimum. Since this was a brand-new Lync deployment on brand new Windows 2012 servers, I had a hard time believing this was the only fix for the problem. The Domain is older (so old Default Settings in a GPO may cause this).

What is important is that when the Lync client is internal is resolves the local namespace and when external it resolves to the external namespace.

The actual Lync Servers do not utilize the same method as they properly use the Edge Pool name. EventID.Net ME2282241 indicates that this problem occurs because of an error in Windows Vista and in Windows Server 2008. Initially I thought the error corresponded with my testing via testconnectivity.microsoft.com but now I think it was just close and due to the frequency of the errors it is another issue? After much flailing about, I turned my attention to the recently installed Windows Certificate Authority installation.

So when using NAT you still need to specify the public IP that resolves to the A/V edge service. Hope this helps work through our setup. access.domain.net should resolve to the public IP of your Lync 2013 access edge service. navigate here i talked about internal certificate that exist on FE not public certificate http://technet.microsoft.com/en-us/library/gg398094.aspx Do you mean that your DC is windows server 2012R2?

The problem here is that every computer FQDN would need to be in the SAN as the same exact certificate must be applied to all servers so that the same public Hopefully, the more verbose logging will yield some additional information. 0 Chipotle OP TrevorDK Oct 15, 2014 at 5:23 UTC This error comes up all the time on Own CA, that all works. Yep, Edge server is on the Domain, Yes it does have DNS addresses in internal and external nic’s in Internal DNS – I can remove these for external?

Monday, February 03, 2014 9:47 AM Reply | Quote 0 Sign in to vote Hi Andrew, Thanks for the contact. So my External Certificate Subject Name is access.domain.net (CN = access.domain.net OU = Domain Control Validated) and my Edger Server Name (under the Topology builder) is lync02.domain.local (FQDN). Andrew Morpeth Lync Server Specialist - Auckland, NZ Blog - http://www.lync.geek.nz Twitter @AndrewMorpeth

Proposed as answer by Eason HuangModerator Wednesday, February 05, 2014 2:35 AM Tuesday, February 04, 2014 9:40 AM The SSL connection request h More Informations: As per Microsoft: "To resolve this issue, use one of the following methods: • Publish a new SSL certificate that has the FQDN of

Edge Server (2 Certs) 1.) Edge internal – Location: Local Subject Name: CN = lync02.domain.local Subject Alternative Name: None? (Doesn’t have the item in the cert) 2.) External Reply Murat says: December 25, 2014 at 9:49 am My pleasure Jeff 🙂 Reply Speak Your Mind Tell us what you're thinking... i talked about internal certificate that exist on FE not public certificate http://technet.microsoft.com/en-us/library/gg398094.aspx Do you mean that your DC is windows server 2012R2? The SSL connection request has failed.