Mino – The UC Guy

Microsoft Unified Communications Blog

3 Responses to “Communicator Phone Edition doesn’t work with PKI SHA2”

  1. Jeremy Marut said

    I was excited to see this post because we have an identical architecture and we’re experiencing an identical loop with downloading and installing the certificate. However, the solution was a downer because I found we are already using 2048 with SHA1.

    What I’m finding is that while the phone gets past the “contacting time service” prompt on initial boot, the time and date are incorrect. I think this invalidates the cert that the phone downloaded. The phone will then loop getting and installing what essentially is an expired certificate.

    As difficult as everyone said the R1 phones were to update, I wish these newer phones allowed you to get into the OS to check on the time server settings or validate what we think the issues are. Our Microsoft pilot contacts don’t want to put in the time to fix a Nortel issue and the Nortel pilot people aren’t that hot on putting in time on a Microsoft pilot…

  2. Iamsuffering said

    Jeremy, I am running into the same issue as you (Have SHA1 but the phones will not register and get the expired certificate issue). Were you able to get past this, and if so, what did you need to do?

  3. […] a logn resarch, I found only mino facing the exact same problem. and bingo! the root certificate of this particular company was SHA2 @ 4096 bits. As the Polycom […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: