Lync/ Exchange Certificates CRL Check (Proxy Servers)

In Exchange, as well as in Lync in always have some customers using proxy server.
Due to nature of proper certificate validation processes, windows server need to validate the CRL (Certificate Revocation List). Since the CRL is a normal file, which we can download from CA provider, we need to ensure the accessibility of those files.

in some customer environments we also find a mysterious behavior and we need to modify the WINHTTP proxy settings manually.

there are two ways how to do so, if the normal IE setting will not work:

netsh winhttp import proxy ie
or
netsh winhttp set proxy proxy-server="http://wstmg.customer.com:3128" bypass-list="*.customer.com,<local>"



while with the bypass-list we need to play around till it fits.
Also happened, especially in Exchange, I had to reboot the server before the settings got activated.

Also don't forget about the IE Setting:
for installation purposes (also for service packs), you should disable these setting if you DONT have an Internet connection, but later make sure its enabled again.


Comments

  1. Awesome! I was thinking this is more work then this, i will need just few clicks.

    ReplyDelete
  2. Hi Jessica,
    well, even if you link to another proxy server website, what kind of information you are lacking?

    ReplyDelete

Post a Comment

Popular posts from this blog

Skype for Business, Lync and Exchange Web Services (EWS) and different DNS Domains- Exchange crawling e.g. for presence

Lync 2013 Client, Desktop Sharing shows blank screen (Windows 7, Windows 8, Windows 8.1)

File Share Perfomance for Skype for Business (slow conference join, slow address book)