"Cannot validate server certificate" when using OCS 2007 Phone Edition device (aka: Tanjay)

November 19, 2007

in Microsoft, OCS

Jen Trier Rasmussen has written an excellent article that describes the process that OCS 2007 Phone Edition device’s use to process root certificates.  If you are having problems getting your MOC 2.0 Phone Edition device to work internally you’ll want to read his article, especially if your OCS service is deployed in a resource forest.


“Communication between the Office Communicator 2007 Phone Edition device (LG-Nortel model and Polycom model) and Office Communications Server 2007 is by default encrypted using TLS and SRTP. Therefore the device needs to trust certificates presented by OCS 2007 servers. If the OCS 2007 servers use public certificates they will most like be automatically trusted by the device, since it contains the same list of trusted CA’s as Windows CE. However since most OCS 2007 deployments use internal certificates for the internal OCS 2007 server roles there is a need to install the Root CA certificate from the internal CA to the device. It is not possible to manually install the Root CA certificate on the device, so it needs to come via the network. Office Communicator 2007 Phone Edition is able to download the certificate using two methods.”


Read Jen’s post here to get the solution…

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)