Important Resource for Deploying Certificates in Communications Server 2007 and Communications Server 2007 R2

Deploying Certificates in Communications Server 2007 and 2007 R2

Certificates and public key infrastructure (PKI) systems can be very complex and are often misunderstood. Typically, a dedicated team of security experts in a corporation plan, configure, and operate these systems. For Communications Server, the properties that you apply to a certificate for a specific task or role must be correct, or the servers will not authenticate, causing failure in validation or activation of services. In Communications Server 2007 and 2007 R2, certificates encrypt traffic by using Transport Layer Security (TLS), which is the successor to Secure Sockets Layer (SSL), and provide strong authentication by using mutual TLS (MTLS). "Deploying Certificates in Office Communications Server 2007 and Office Communications Server 2007 R2," available as "Office Communications Server 2007 and 2007 R2 Certificate Guide.doc" at https://go.microsoft.com/fwlink/?linkid=179053, provides details about deploying certificates in Office Communications Server 2007 and 2007 R2.

"Deploying Certificates in Office Communications Server 2007 and Office Communications Server 2007 R2" explains the properties and attributes of certificates you need to know about when working with Office Communications Server 2007 and 2007 R2. This document walks through most of the common, and some optional, tasks that you need to perform to realize the full value of the system. All roles that require certificates for deployment and operation are discussed. The properties are presented along with information to describe what they are and how they are used. This document shows you how to request the right certificate with the right parameters to make sure that you are delivering value to your users, rather than just troubleshooting problems.

The scope of "Deploying Certificates in Office Communications Server 2007 and Office Communications Server 2007 R2" is to discuss the certificate deployment process only, not the deployment process for servers and their configuration. In some cases, role configuration is discussed at a high level because it is necessary to the certificate process.

In "Deploying Certificates in Office Communications Server 2007 and Office Communications Server 2007 R2," you learn how to deploy certificates in the following phased deployment process:

• Phase 1 - SQL Server Backend and Enterprise Pool or Standard Server

• Phase 2 - Director

• Phase 3 - External Access with Edge Server Roles

• Phase 4 - Voice Services

• Phase 5 - Group Chat Server

• Phase 6 - Communicator Web Access

"Deploying Certificates in Office Communications Server 2007 and Office Communications Server 2007 R2" also covers hardware load balancer configurations.

Figure 1 represents an example of a possible rollout performed in phases. Use this diagram to understand which phase contains a certificate discussion that pertains to your situation.

Figure 1. Overview of phased rollout

For details, see "Deploying Certificates in Office Communications Server 2007 and Office Communications Server 2007 R2," available as "Office Communications Server 2007 and 2007 R2 Certificate Guide.doc" at https://go.microsoft.com/fwlink/?linkid=179053.

Office Communications Server Resources

• Visit the Office Communications Server main page at https://go.microsoft.com/fwlink/?LinkId=132607.

• View the complete Office Communications Server documentation library at https://go.microsoft.com/fwlink/?LinkId=132106.

• Follow tweets from the Office Communications Server team at https://go.microsoft.com/fwlink/?LinkId=167909.

• Download all the Office Communications Server content as a Word document at https://go.microsoft.com/fwlink/?LinkId=133609.

• Download all the Office Communications Server content as a compiled help file at https://go.microsoft.com/fwlink/?LinkId=160355. (Make sure you scroll down to the Additional Information section to download OCSDocumentation.chm.)