-->
- Skype For Business Mac Verifying Certificate Check Your Clock Settings 2017
- Skype For Business Mac Verifying Certificate Check Your Clock Settings Online
- Skype For Business Mac Verifying Certificate Check Your Clock Settings Download
- Skype For Business Mac Verifying Certificate Check Your Clock Settings Windows 10
- Skype For Business Mac Verifying Certificate Check Your Clock Settings Chart
Hi Anthony, Thanks for your reply.I tell you what is the reason behind to ask this query.We have two Enterprise Front end pools and when I check into first pool configuration information,it shows 'Container list Preferred End' set as a 'false' and second pool as 'True' although we have common client policy and everything is same. May 11, 2020 In iOS 10.3 and later and iPadOS, when you manually install a profile that contains a certificate payload, that certificate isn't automatically trusted for SSL. This article is intended for system administrators for a school, business, or other organization. May 28, 2020 Skype for Business on Mac is the all new client that provides great communication experiences for Apple users. Features like one-click join, edge-to-edge video, and full screen sharing give you a superior Skype Meetings experience. The cause of each message is slightly different, but both errors are caused by the inability to verify the authenticity of a certificate or certification authority. For more information, go to the following Apple website.
Summary: Learn how to deploy Edge Servers into your Skype for Business Server environment.
The following sections contain steps that are meant to be followed after the Skype for Business Server Plan for Edge Server deployments in Skype for Business Server documentation has been reviewed. The deployment steps are as follows:
- Network interfaces
- Installation
- Certificates
- Starting the Edge Servers
Network interfaces
As noted in Planning, you will either be configuring your network interface with DNS in the perimeter network hosting your Edge Servers, or without DNS in the perimeter network.
Interface configuration with DNS servers in the perimeter network
- Install two network adapters for each Edge Server, one for the internal-facing interface, and one for the external-facing interface.NoteThe internal and external subnets must not be routable to each other.
- On your external interface, you'll configure one of the following:a. Three static IP addresses on the external perimeter network subnet, and point the default gateway to the internal interface of the external firewall. Configure the adapter DNS settings to point to a pair of perimeter DNS servers.b. One static IP address on the external perimeter network subnet, and point the default gateway to the internal interface of the external firewall. Configure the adapter DNS settings to point to a pair of perimeter DNS servers. This configuration is ONLY acceptable if you have previously configured your topology to have non-standard values in the port assignments, which is covered in the Create your Edge topology for Skype for Business Server article.
- On your internal interface, configure one static IP on the internal perimeter network subnet, and don't set a default gateway. Configure the adaptor DNS settings to point to at least one DNS server, but preferably a pair of perimeter DNS servers.
- Lounge lizard session keygen torrent. Create persistent static routes on the internal interface to all internal networks where clients, Skype for Business Server, and Exchange Unified Messaging (UM) servers reside.
Interface configuration without DNS servers in the perimeter network
- Install two network adapters for each Edge Server, one for the internal-facing interface, and one for the external-facing interface.NoteThe internal and external subnets must not be routable to each other.
- On your external interface, you'll configure one of the following:a. Three static IP addresses on the external perimeter network subnet. You'll also need to configure the default gateway on the external interface, for example, defining the internet-facing router or the external firewall as the default gateway. Configure the adapter DNS settings to point to an external DNS server, ideally a pair of external DNS servers.b. One static IP address on the external perimeter network subnet. You'll also need to configure the default gateway on the external interface, for example, defining the internet-facing router or the external firewall as the default gateway. Configure the adapter DNS settings to point to an external DNS server, or ideally a pair of external DNS servers. This configuration is ONLY acceptable if you have previously configured your topology to have non-standard values in the port assignments, which is covered in the Create your Edge topology for Skype for Business Server article.
- On your internal interface, configure one static IP on the internal perimeter network subnet, and don't set a default gateway. Also leave the adapter DNS settings empty.
- Create persistent static routes on the internal interface to all internal networks where clients, Skype for Business Server, and Exchange Unified Messaging (UM) servers reside.
- Edit the HOST file on each Edge Server to contain a record for the next hop server or virtual IP (VIP). This record will be the Director, Standard Edition server or Front End pool you configured as the Edge Server next hop address in Topology Builder. If you're using DNS load balancing, include a line for each member of the next hop pool.
Installation
To complete these steps successfully, you will need to have followed the steps in the Create your Edge topology for Skype for Business Server article.
- Log onto the server you've been configuring for the Edge Server role with an account that's in the local Administrator's group.
- You'll need the topology configuration file you copied out at the end of the Edge Server Topology documentation on this machine. Access the external media you placed that configuration file on (like a USB drive or share).
- Start the Deployment Wizard.
- Once the wizard opens, click Install or Update Skype for Business Server System.
- The wizard will run checks to see if anything's already installed. As this is the first time running the wizard, you'll want to start at Step 1. Install Local Configuration Store.
- The Configure Local Replica of Central Management store dialog will appear. You need to click Import from a file (Recommended for Edge Servers).
- From here, browse to the location of the topology you exported previously, select the .zip file, click Open, and then click Next.
- The Deployment Wizard will read the configuration file and write the XML configuration file to the local computer.
- After the Executing Commands process is finished, click Finish.
- In the Deployment Wizard, click Step 2. Setup or Remove Skype for Business Server Components. The wizard will then install the Skype for Business Server Edge components specified in the XML configuration file that's been stored on the local computer.
- Once the installation's complete, you can move onto the steps in the Certificates section below.
Certificates
The certificate requirements for the Edge Server can be found in the Edge Certificate Planning documentation. The steps for setting up certificates are below.
Note
When running the Certificate Wizard, you need to be logged in as an account with the correct permissions for the type of certificate template you're going to use. By default, a Skype for Business Server certificate request is going to use the Web Server certificate template. If you're logged in with an account that's a member of the RTCUniversalServerAdmins group to request a certificate via this template, double-check to make sure the group's been assigned the Enroll permissions to use that template.
Internal Edge interface certificates
1. Download or export the CA certification chain
a. Download using certsrv web site
i. Log into a Skype for Business Server in your internal network as a member of the local Administrators group.
ii. Open up Start, and Run (or Search and Run ), and then type the following:
For example:
iii. On the issuing CA's certsrv web page, under Select a task, click Download a CA certificate, certificate chain, or CRL.
iv. Under Download a CA certificate, certificate chain, or CRL, click Download CA certificate chain.
v. In the File Download box, click Save.
vi. Save the .p7b file to the hard disk drive on the server, and then copy it to a folder on each of your Edge Servers.
b. Export using MMC
i. You can export the CA root certificate from any domain joined machine using the MMC. Either go to Start and Run, or open Search, and type MMC to open.
ii. In the MMC console, click File, and then click Add/Remove Snap-In.
iii. From the Add or Remove Snap-ins dialog list, choose Certificates, and then click Add. When prompted, select Computer Account, and then Next. On the Select Computer dialog, select Local Computer. Click Finish, and then OK.
iv. Expand Certificates (Local computer). Expand Trusted Root Certification Authorities. Select Certificates.
v. Click the root certificate issued by your CA. Right-click the certificate, choose All Tasks on the menu, and then select Export.
vi. The Certificate Export Wizard opens. Click Next.
vii. On the Export File Format dialog, choose the format you want to export to. Our recommendation is Cryptographic Message Syntax Standard - PKCS #7 Certificates (P7b). If that's your choice as well, remember to also select the Include all certificates in the certification path if possible checkbox, as this will also export the certificate chain, including the root CA certificate and any Intermediate certificates. Click Next.
viii. On the File to Export dialog, in the file name entry, type a path and file name (the default extension would be .p7b) for the exported certificate. If it's easier on you, choose the Browse button to go to the location you want to save the exported certificate to, and name the exported certificate here. Click Save, and then Next when you're ready.
ix. Review the summary of your actions, and click Finish to complete the export of the certificate. Click OK to confirm the successful export.
x. Copy the .p7b file to each of your Edge Servers.
2. Import the CA certification chain
a. On each Edge Server, open the MMC (choose Start and Run, or Search, and type MMC to open).
b. On the File menu, click Add/Remove Snap-in, and then choose Add.
c. In the Add or Remove Snap-ins box, click Certificates, and then click Add.
d. In the Certificate snap-in dialog box, click Computer account, and then click Next.
e. In the Select Computer dialog box, ensure that the Local Computer: (the computer this console is running on) check box is selected, and then click Finish.
f. Click Close, and then OK.
g. In the console tree, expand Certificates (Local Computer), right-click Trusted Root Certification Authorities, go to All Tasks, and then click Import.
h. In the wizard that appears, in the File to Import textbox, specify the file name of the certificate (the name you gave the .p7b file in the previous section). Click Next.
i. Leave the radio button on Place all certificates in the following store, as Trusted Root Certification Authorities should be selected. Click Next.
j. Review the summary, and click Finish to complete the import.
k. This will need to be done for every Edge Server you're deploying.
3. Create the certificate request
a. Log on to one of your Edge Servers, start the Deployment Wizard, and on Step 3: Request, Install, or Assign Certificates, click Run (or Run Again, if you've already run this wizard).
b. On the Certificate Request page, ensure Internal Edge Certificate is selected, and click Request.
c. On the Delayed or Immediate Requests page, choose Send the request immediately to an online certification authority if you have access to one from your Edge environment, or Prepare the request now, but send it later otherwise.
d. On the Certificate Request File page, enter the full part and file name for where the file will be saved (such as c:SkypeInternalEdgeCert.cer). Click Next.
e. On the Specify Alternate Certificate Template page, to use a template other than the default WebServer template, check the Use alternative certificate template for the selected Certificate Authority check box. Otherwise, do nothing.
f. On the Name and Security Settings page, do the following:
i. In Friendly name, enter a display name for the certificate (such as Internal Edge).
ii. In Bit length, choose your bit length (the default is 2048, you can go higher and be more secure, but it will make performance slow down).
iii. If you need an exportable certificate, you must check the Mark certificate private key as exportable check box.
iv. Click Next.
g. On the Organization Information page, enter the name for your organization and organizational unit (OU). You might enter your division or department (IT, for example).
h. On the Geographical Information page, enter your location information.
i. On the Subject Name/Subject Alternate Names page, this should be auto-populated by the wizard.
j. On the Configure Additional Subject Alternate Names page, you need to add any additional subject alternative names that you need.
k. On the Request Summary page, look over the certificate information that's going to be used to generate your request. If you need to make changes, go back and do so now.
l. Then click Next to generate the CSR file you'll need to provide to the CA (you can also click View Log to look at the log for the certificate request).
m. Once the request has been generated, you can click View to look at the certificate, and Finish to close out the window. The contents of the CSR file need to be given to your CA, so they can generate a certificate for you to import to this computer in the next section.
4. Import the certificate
a. Log on, as a member of the local Administrators group, to the Edge Server you made your certificate request from in the last procedure.
b. In the Deployment Wizard, next to Step 3. Request, Install or Assign Certificates, click Run Again.
c. On the Available Certificates Tasks page, click Import a certificate from a .P7b, .pfx or .cer file.
d. On the Import Certificate page, type the full path and file name of the certificate you got in the previous section (or you can click Browse to find and choose the file that way).
e. If you're importing certificates for other members of your Edge pool, and your certificate contains a private key, be sure to select the Certificate file that contains certificate's private key check box, and specify the password. Click Next to continue.
f. On theSummary page, click Next once you've confirmed the information, and Finish once the certificate is successfully imported.
5. Export the certificate
a. Make sure you've logged onto the Edge Server you imported the certificate to previously, as a member of the local Administrators group.
b. Click Start, Run (or open Search ), and type MMC.
c. From the MMC console, click File, and click Add/Remove Snap-in.
d. From the Add or Remove Snap-ins box, click Certificates, and click Add.
e. In the Certificates snap-in dialog box, choose Computer account. Click Next.
f. On the Select Computer dialog, select Local computer: (the computer this console is running on). Click Finish. Click OK, and the configuration of the MMC console is completed.
g. Double-click Certificates (Local Computer) to expand the certificate stores. Double-click Personal, and then click Certificates.
Note
You may be here, and you don't see any certificates in the Certificates Personal store for the local computer. You don't need to hunt around, if the key's not there, the imported certificate didn't have a private key associated with it. Try the request and import steps above one more time, and if you're sure you got all that right, talk to your CA administrator or provider.
h. In the Certificates Personal store for the local computer, right-click the certificate that you're exporting. Select All Tasks from the resulting menu, and then click Export.
i. In the Certificate Export Wizard, click Next. Select Yes, export the private key. Click Next.
j. On the Export File Formats dialog, select Personal Information Exchange - PKCS#12 (.PFX), and then select the following:
i. Include all certificates in the certification path, if possible.
ii. Export all extended properties.
Note
NEVER select Delete the private key if the export is successful. It'll mean you have to reimport the certificate and private key back to this Edge Server.
k. If you want to assign a password to protect the private key, you can type a password for the private key. Reenter the password to confirm, and then click Next.
l. Type a path and file name for the exported certificate, using a file extension of .pfx. The path either needs to be accessible by the other Edge Servers in the pool, or you'll need to move the file by means of external media (such as a USB drive). Click Next when you've made your choice.
m. Review the summary on the Completing the Certificate Export Wizard dialog, and then click Finish.
n. Click OK in the successful export dialog.
6. Assign the certificate
a. On EACH Edge Server, in the Deployment Wizard, next to Step 3. Request, Install or Assign Certificates, click Run again.
b. On the Available Certificates Tasks page, click Assign an existing certificate.
c. On the Certificate Assignment page, select Edge Internal in the list.
d. On the Certificate Store page, select the certificate you've imported for the internal Edge (from the previous section).
e. On the Certificate Assignment Summary page, look over the settings, and then click Next to assign the certificate.
f. On the wizard completion page, click Finish.
g. Once you've completed this procedure, it's a really good idea to open the Certificates MMC snap-in on each Edge Server, expand Certificates (Local computer), expand Personal, click Certificates, and confirm that the internal Edge certificate is listed in the details pane.
External Edge interface certificates
1. Create the certificate request
a. Log on to one of your Edge Servers, start the Deployment Wizard, and on Step 3: Request, Install, or Assign Certificates, click Run (or Run Again, if you've already run this wizard).
b. On the Available Certificate Tasks page, click Create a new certificate request.
c. On the Certificate Request page, ensure External Edge Certificate is selected, and click Next.
d. On the Delayed or Immediate Requests page, click Prepare the request now, but send it later.
e. On the Certificate Request File page, enter the full part and file name for where the file will be saved (such as c:SkypeInternalEdgeCert.cer). Click Next.
f. On the Specify Alternate Certificate Template page, to use a template other than the default WebServer template, check the Use alternative certificate template for the selected Certificate Authority check box.
g. On the Name and Security Settings page, do the following:
i. In Friendly name, enter a display name for the certificate (such as External Edge).
ii. In Bit length, choose your bit length (the default is 2048, you can go higher and be more secure, but it will make performance slow down).
iii. If you need an exportable certificate, you must check the Mark certificate private key as exportable check box.
iv. Click Next.
h. On the Organization Information page, enter the name for your organization and organizational unit (OU). You might enter your division or department (IT, for example).
i. On the Geographical Information page, enter your location information.
j. On the Subject Name/Subject Alternate Names page, the needed information should be auto-populated by the wizard.
k. On the SIP Domain Setting on Subject Alternate Names (SANs) page, check the domain checkbox to add a sip. entry to the subject alternative names list.
l. On the Configure Additional Subject Alternate Names page, you need to add any additional subject alternative names that you need.
m. On the Request Summary page, look over the certificate information that's going to be used to generate your request. If you need to make changes, go back and do so now.
n. When you're ready, click Next to generate the CSR file you'll need to provide to the CA (you can also click View Log to look at the log for the certificate request).
o. Once the request has been generated, you can click View to look at the certificate, and Finish to close out the window. The contents of the CSR file need to be given to your CA, so they can generate a certificate for you to import to this computer in the next section.
p. (OPTIONAL) You may, when submitting the contents of the CSR, be asked for certain information, as follows (CAs vary greatly, so this may not be required):
- Microsoft as the server platform
- IIS as the version
- Web Server as the usage type
- PKCS7 as the response format
2. Import the certificate
a. Log on, as a member of the local Administrators group, to the Edge Server you made your certificate request from in the last procedure.
b. In the Deployment Wizard, next to Step 3. Request, Install or Assign Certificates, click Run Again.
c. On the Available Certificates Tasks page, click Import a certificate from a .P7b, .pfx or .cer file.
d. On the Import Certificate page, type the full path and file name of the certificate you got in the previous section (or you can click Browse to find and choose the file that way). If your certificate contains a private key, make sure to select Certificate file contains certificate's private key, and enter the password for the private key. Click Next when ready.
e. On the Import Certificate Summary page, review the summary information, and click Next.
f. On the Executing Commands page, you can review the result of the import when it's complete by clicking View Log. Click Finish to complete the certificate import.
g. If you have other Edge Servers in a pool, you'll need to follow the next two procedures as well. If this is a standalone Edge Server, you're done with external certificates.
3. Export the certificate
a. Make sure you've logged onto the Edge Server you imported the certificate to as a local Administrator.
b. Click Start, Run (or open Search ), and type MMC.
c. From the MMC console, click File, and then click Add/Remove Snap-in.
d. From the Add or Remove Snap-ins box, click Certificates, and click Add.
e. In the Certificates snap-in dialog box, choose Computer account. Click Next.
f. On the Select Computer dialog, select Local computer: (the computer this console is running on). Click Finish. Click OK, and the configuration of the MMC console is completed.
g. Double-click Certificates (Local Computer) to expand the certificate stores. Double-click Personal, and then click Certificates.
Note
You may be here, and you don't see any certificates in the Certificates Personal store for the local computer. You don't need to hunt around, if the key's not there, the imported certificate didn't have a private key associated with it. Try the request and import steps above one more time, and if you're sure you got all that right, talk to your CA administrator or provider.
h. In the Certificates Personal store for the local computer, right-click the certificate that you're exporting. Select All Tasks from the resulting menu, and then click Export.
i. In the Certificate Export Wizard, click Next. Select Yes, export the private key. Click Next.
Note
If Yes, export the private key isn't available, then the private key for this certificate wasn't marked for export before you got it. You need to request the certificate from the provider again, with the private key set to export, before doing this successfully.
j. On the Export File Formats dialog, select Personal Information Exchange - PKCS#12 (.PFX) and then select the following:
i. Include all certificates in the certification path, if possible.
ii. Export all extended properties.
Note
NEVER select Delete the private key if the export is successful. It'll mean you have to reimport the certificate and private key back to this Edge Server.
k. If you want to assign a password to protect the private key, you can type a password for the private key. Reenter the password to confirm, and then click Next.
l. Type a path and file name for the exported certificate, using a file extension of .pfx. The path either needs to be accessible by the other Edge Servers in the pool, or you'll need to move the file by means of external media (such as a USB drive). Click Next when you've made your choice.
m. Review the summary on the Completing the Certificate Export Wizard dialog, and then click Finish.
Skype For Business Mac Verifying Certificate Check Your Clock Settings 2017
n. Click OK in the successful export dialog.
o. You'll now need to go back to the Import the certificate section prior to this and import the certificate to all your remaining Edge Servers, then proceed with assigning, below.
4. Assign the certificate
a. On EACH Edge Server, in the Deployment Wizard, next to Step 3. Request, Install or Assign Certificates, click Run again.
b. On the Available Certificates Tasks page, click Assign an existing certificate.
c. On the Certificate Assignment page, select Edge External in the list.
d. On the Certificate Store page, select the certificate you've imported for the external Edge (from the previous section).
e. On the Certificate Assignment Summary page, look over the settings, and then click Next to assign the certificate.
f. On the wizard completion page, click Finish.
g. Once you've completed this procedure, it's a really good idea to open the Certificates MMC snap-in on each server, expand Certificates (Local computer), expand Personal, click Certificates, and confirm that the internal Edge certificate is listed in the details pane.
Note
You will also have needed to set up the certificates for your reverse proxy server.
Starting the Edge Servers
Once the setup is complete, you'll need to start the services on each Edge server in your deployment:
- On each Edge Server, in the Deployment Wizard, next to Step 4: Start Services, click Run.
- On the Start Skype for Business Server Services page, review the list of services, and then click Next to start the services.
- After the services are started, you can click Finish to close the wizard.
- (Optional) Still under Step 4: Start Services, click Services Status.
- In the Services MMC on each server, verify that all the Skype for Business Server services are running.
Problem
When an Office 365 user tries to sign in to Skype for Business Online (formerly Lync Online) by using Lync 2010 or Lync 2013, the user receives the following error message:
Additionally, when you try to sign in to Lync after a network outage or a Skype for Business Online service outage, you receive the following error message:
Cause
This issue may occur if one or more of the following conditions are true:
- The software is out of date.
- The Lync client is out of date.
- The Microsoft Online Services Sign-In Assistant is out of date.
- The certificates cannot be acquired or validated.
- The Skype for Business Online personal certificate or the cached credentials are corrupted or are out of date.
- Part of the certificate chain is untrusted and the certificate chain fails validation.
Solution
Resolution for Lync 2013
Delete the sign in information
During the sign in process, Lync 2013 caches your credentials and other information about its connection to Skype for Business Online. If you have trouble signing in to Skype for Business Online, click Delete my sign-in information and Lync 2013 will automatically remove any saved password, certificates, and connection settings for the user account.
Resolution for Lync 2010
- Update the Lync client to the latest version that's available on the Downloads page of the Office 365 portal.
- Update the Microsoft Online Services Sign-In Assistant to the latest version.
- Clear your cached certificates, credentials and connections.
Additional troubleshooting steps for Lync 2013 and Lync 2010
Skype For Business Mac Verifying Certificate Check Your Clock Settings Online
Note
Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, back up the registry for restoration in case problems occur.
If the steps earlier in this article don't resolve the issue, try the following methods, as appropriate for your situation:
- When Lync connects to a specific front-end server, it caches that endpoint to make the sign-in process faster in the future. However, sometimes the endpoint can be changed and can cause sign-in to fail. To delete the endpoint cache, follow these steps:
- Locate the local application data folder:
- Windows Vista, Windows 7 and Windows 8 (excluding Windows 8 RT):%LOCALAPPDATA%MicrosoftCommunicator<[email protected]>
- Windows XP:%USERPROFILE%Local SettingsApplication DataMicrosoftCommunicator<[email protected]>
- Delete the folder associated with your sign-in address.
- Restart Lync, and then try to sign in to Skype for Business Online.
- Locate the local application data folder:
- If you're using Lync 2010, delete the Skype for Business Online personal certificate and then download a new one. Be aware that when the user clicks Save Password in Lync 2010, this action also saves the certificate in Windows Certificate Manager.To delete a personal certificate, follow these steps:
- Delete the certificate in Windows Certificate Manager. To do this, follow these steps:
- Open Windows Certificate Manager. To do this, press Windows + R, type certmgr.msc, and then click OK.
- Expand Personal, and then expand Certificates.
- Sort by the Issued By column, and then look for a certificate that's issued by Communications Server.
- Verify that the certificate is present and that it isn't expired.
- Delete the certificate and try to sign in to Skype for Business Online. If you can't sign in to Skype for Business Online, go to step 2.
- If you're running Windows 7, remove the user's stored credentials in Windows Credential Manager. To do this, follow these steps:
- Open Control Panel, and then click Credential Manager.
- Locate the set of credentials that's used to connect to Skype for Business Online.
- Expand the set of credentials, and then select Remove from Vault.
- Try to sign in to Skype for Business Online again, and then type your new set of credentials.NoteThese steps aren't necessary in Lync 2013 because the steps that were previously mentioned that delete sign in information removes the certificates automatically.
- Delete the certificate in Windows Certificate Manager. To do this, follow these steps:
- Flush the DNS cache. To do this, follow these steps:
- Press Windows + R, type the following command, and then press Enter:Ipconfig /flushdns
- Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.On the affected computers, check the following registry key:HKEY_LOCAL_MACHINESOFTWAREMicrosoftCryptographyMachineGuidIf the value of MachineGuid contains braces around the GUID (for example, {c1cbd94c-0d35-414c-89ef-dd092b984883}), then remove the braces, restart Lync, and then try to sign in again.
Skype For Business Mac Verifying Certificate Check Your Clock Settings Download
Resolution for Skype for Business Online administrators: Validate the certificate chain
End-users may receive an error stating that the certificate can't be validated, and this usually happens because one of the certificates in the chain is untrusted and can't be validated. This typically occurs for customers who use single sign-on in Office 365 or for customers who have Lync hybrid deployments.
For more information about certificate validation with Lync, see Lync Mobile users cannot sign in after they update to client version 5.4.
Note
Although this article is written for mobile devices, the same concepts apply to Lync clients.
More Information
If the issue persists after you perform these troubleshooting steps, contact Microsoft Office 365 technical support or the Microsoft Office 365 Community forums. In certain cases, the Active Directory Domain Services user account may be incomplete or corrupted. Therefore, Skype for Business Online can't generate a personal certificate. This may not affect all of a tenant's accounts because the effect depends on the state of the server when the user account was created.
To narrow the issue, determine whether the issue occurs for multiple user accounts on the same computer. Then, try to sign in to Skype for Business Online from the same computer by using multiple user accounts. This process indicates whether the problem is related to the configuration of the computer or an issue with the Skype for Business Online user account.
Did this fix the problem?
Skype For Business Mac Verifying Certificate Check Your Clock Settings Windows 10
- Check whether the problem is fixed.
- If the problem is fixed, you are finished with these steps.
- If the problem isn't fixed, go to Microsoft Community, or contact support.
- We'd appreciate your feedback. To provide feedback or to report any issues with this solution, please send us an email message.
Skype For Business Mac Verifying Certificate Check Your Clock Settings Chart
Still need help? Go to Microsoft Community.