Print

Installing a trusted certificate chain by using Microsoft-based procedure

About this task

If you use a Microsoft CA hierarchy, follow this procedure from the AE Services server to import the trusted certificate chain in PKCS#7 format from Microsoft Certificate Services into the AE Services Management Console.

Procedure

  1. From Internet Explorer, type the URL of your certificate server. For example:

    http://<microsoftcertificate_server.com>/certsrv

  2. From the Microsoft Certificate Services page, click Download a CA certificate, certificate chain, or CRL.
  3. On the Download a CA Certificate, Certificate Chain, or CRL page, select the option button for Base 64, and click Download CA certificate chain.
  4. Save the CA certificate file (the trusted certificate) to a local directory on the Microsoft Live Communications Server (for example C:\temp\aetrucert.p7b) or Microsoft Office Communications Server 2007 (for example C:\temp\aetrucert.cer).
  5. Using a text editor, open the file and change the header and trailer as follows:

    -----BEGIN PKCS7-----

    -----END PKCS7-----

    importantImportant

    You must change the header and trailer in the PKCS#7 file as specified in Step 5. Otherwise, you will be unable to successfully import the trusted certificate chain from a Microsoft CA.

  6. Contact the Communications Server administrator, and confirm that both the server certificate and the trusted certificate are installed and operating on the Communications Server. The certificates must be installed and operating on Communications Server before you can carry out the procedures in the AE Services Management Console.
  7. Continue with the steps described next in Importing the trusted certificate into the AE Services management console.