Part 2: RMX configuration
Create and add the RMX certificates with an internal PKI.
Open the Microsoft Management Console (mmc.exe) of your Certificate authority server.
File > Add/Remove Snap-in > Certificate > Computer > Account Computer
Select in the personal directory the root certificate (All roles) and export it once with the private key (.pfx with password) and one without the private key (.cer 64 based).
Now on your RMX manager open Setup > RMX secured communication > Certification Repository.
 |
| List of the trusted certificates of the RMX |
You can now add the root CA in trusted certificate (Edit the .cer and copy paste to the add menu).
To associate a certificate to IP Network Services, you must add the root certificate to the interface first. Personal certificate > Add > IP network Services > .pfx
Enter the .pfx file with the right password.
If all happens without errors you can now create a specific request for the interface. Personal certificate > Add > IP network Services > Certificate request
Fulfill all fields (FQDN of the rmx for the common name) and paste the request in the text file.
Use the certsrv command to generate the rmx’s certificate on the PKI.
certreq -attrib "certificatetemplate:webserver" -submit rmxcertrequest.txt
Push the certificate in the RMX, on IP network services. Click Add and paste the file generated.
Your RMX has now his certificate; it can be trusted by Lync. If you haven’t an internal certificate authority, you can generate this certificate from the Lync FE.
You can follow the guide for Create a trusted application pool, define a static route on Lync and create a new Lync user associated to a meeting room.
Configure your RMX
 |
| Lync registration |
In this example, H.323 is disabled on my RMX (it can be registered on the DMA).
Do not forget to accept the SIP registration on the conference profile:
 |
| Sip registration to Lync |
You can now create your lync meeting room which will be registered to the Lync server.
Tip: If you change the duration of the VMR, the VMR will try again a registration to the lync server. If the VMR is not registered the first time, you can modify your configuration and test it without delete and recreate the VMR.
Your VMR is now reachable with a lync client!
 |
| Lync client connected on the VMR10 |
The first part of the configuration is done!
No comments:
Post a Comment