Installing a trusted certificate chain by using Microsoft-based
procedure
About this task
If you use a Microsoft CA hierarchy, follow this procedure from
the AE Services server to import the trusted certificate chain in PKCS#7
format from Microsoft Certificate Services into the AE Services Management Console.
Procedure
From Internet Explorer, type the URL of your certificate
server. For example:
http://<microsoftcertificate_server.com>/certsrv
From the Microsoft Certificate Services page, click Download a CA certificate, certificate chain, or CRL.
On the Download a CA Certificate, Certificate
Chain, or CRL page, select the option button for Base 64, and click Download CA certificate
chain.
Save the CA certificate file (the trusted certificate)
to a local directory on the Microsoft Live Communications Server (for
example C:\temp\aetrucert.p7b) or Microsoft Office Communications
Server 2007 (for example C:\temp\aetrucert.cer).
Using a text editor, open the file and change the header
and trailer as follows:
-----BEGIN PKCS7-----
-----END PKCS7-----
Important
You must change the header and trailer in the PKCS#7 file as specified
in Step 5. Otherwise, you will be unable to successfully import the
trusted certificate chain from a Microsoft CA.
Contact the Communications Server administrator, and confirm
that both the server certificate and the trusted certificate are installed
and operating on the Communications Server. The certificates must
be installed and operating on Communications Server before you can
carry out the procedures in the AE Services Management Console.