Thursday, October 13, 2011

Microsoft Office Communicator - Problem verifying certificate from the server.

When using Microsoft Office Communicator with a server that has TLS enabled you might get an error message "Problem verifying certificate from the server.".

This message means that the computer you are on does not trust the certificate that is being presented to it.

The first way to troubleshoot this is to figure out what certificate it is receiving. The easiest way I've found to do this is to use openssl's s_client:

openssl s_client -connect

By doing this you will see the entire certificate chain. You now need to go into the windows certificate management tools and make sure that chain is valid.

Generally this will involve running mmc.exe, then adding the snap in "Certificate Management" for the computer itself.

Another option is to cut and paste the BEGIN and END certificate lines into a text file. Name the text file with a .der extension and install the certificate. Then browse to the certificate in MMC and see if anything is wrong. Things that might go wrong include the validity date or being unable to trust the certificate chain (most likely from missing certificates).

If you are missing certificates you need to track them down and install them. After this is done you should be able to connect to communicator server.

1 comment:

asa138 said...

Please elaborate a little. How to use OPENSSL command?