Because
the Edge Server is not a member of the domain, the certifi cate issued by the
internal CA may not be trusted by default. To remedy the problem, we
need to install the CA??™s root certifi cate into the Edge Server??™s trusted root
container.
This problem won??™t occur if you were able to send the certificate request
to the CA automatically.
Configuring the Edge Server ??? Chapter 5 167
Requesting and
Assigning the External Certifi cates
The external certifi cate process is the same as the internal process we just used for the
internal certifi cate.
Run through the process three more times: once each for the Access Edge, A/V Edge,
and Web Conferencing Edge. The main difference with the public certifi cates is that you
won??™t be sending your certifi cate requests to your internal CA, you??™ll be sending them to a
public CA. Most public CAs ask that you send the request in a text fi le. The CA will then
process the text fi le and send you a secure certifi cate in return. (Each vendor handles the
request and processing differently; you will need to follow the instructions on the CA vendor??™s
Web site.)
Install the public certifi cates into your Edge Server??™s certifi cate store using the MMC
Certifi cates snap-in. Once you install the certifi cates, run through the Edge Server Certifi cate
Wizard to assign them. Note that you can assign only one certifi cate at a time.
Dealing with Security Issues
Because the Edge interacts with the outside world, you need to pay special attention to
security.
Pages:
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216