![]() |
The server certificates exchanged between Avaya Application Enablement Services (AES) and Microsoft Office Communications Server (OCS) must support both Server Authentication and Client Authentication key usage.
This section describes the steps for creating a certificate template on the Windows Server 2008 Enterprise Certification Authority (CA). The certificate template is used to create server certificates for both AES and OCS.
![]() | Note |
If OCS Enterprise edition is in use with an OCS server pool, the certificate should be issued in the name of the pool and must have both Server Authentication and Client Authentication. If a load balancer handles the pool, then the pool name should resolve to the load balancer’s IP address. For example, if the OCS pool is called ocspool.company.com, and that is the pool that agents and OCS servers use, the DNS resolution of ocspool.company.com should be the IP address of the load balancer. Furthermore, the TLS certificate should be issued to ocspool.company.com from the correct authority with the correct company name, etc. Then, this certificate should be put on each of the OCS servers so that they pass this ocspool.company.com certificate when creating a secure socket to Application Enablement Services. |