LCS 2005 SP1 Public Internet Connectivity (PIC) and Certificates

This really deserves (needs, mandates) a complete posting on Certificate issues but I don't have the time at the moment. Do keep a look out as it might impact the other posts about client behavior and certificates. While I might remove the post, I will convert it to an article and link in the updated document.

Customers who will pursue the Public Internet Connectivity feature allowing IM communication with AOL, Yahoo!, and MSN will have to obtain a certificate from a public authority. To be precise, a public trusted authority is one in which anyone can get the trusted authority certificate and typically have their root authority certificate already a part of the operating system when installed. The common names you will recognize are Entrust, RSA, Thawte and Verisign.

If you are a customer who will allow for more than one name in your environment:

Contoso.com, sales.contoso.com, research.contoso.com

business1.com, business2.com, business3.com

you will need to ask the Certificate provider if they support Subject Alternative Name. I don't want to go into too much detail now as I said earlier becuase this becomes a huge discussion which needs to be systematically broken down.

So what have you walked away from this post with? If you need to support multiple names you need a certificate provider that supports Subject Alternative Name.

Toml LCSKid