I recently deployed a Lync 2013 environment where the customer was using a Unified Communications certificate partner for issuing certificates for both Internal and External servers.
The environment was upgraded from Lync 2010 where the servers were configured with the same certificate provider (DigiCert).
After the deployment, the Lync 2013 servers started logging Event ID 14584 every couple of minutes in the Lync event viewer:
Connection attempt to at least one service in a pool failed.
Connection attempts to the following services have failed. Another attempt will be made for each service every 10 minutes.
Service Address: LYNC2010SERVER.FQDN:5061; Pool FQDN: LYNC2010POOL.FQDN; Down Time: 0:04
Cause: The specified service(s) are unavailable.
Check the servers in the pool(s) on which the service(s) are installed.
The event description didn’t provide much information other than mentioning a different Lync 2010 front end server name each time.
Since all Lync services were running with no issues on both Lync 2010 and Lync 2013, we decided to verify if the Certificates were imported and configured properly.
In order to do so, we used the DigiCert Certificate Utility for Windows, which allows you to verify whether a certificate issued by DigiCert is valid and contains all the necessary Intermediate and Root CA certificates.
Running the tool didn’t reveal any errors with the imported certificates or their functionality.
We then decided to compare the certificate chain between the Lync 2010 and Lync 2013 servers and found that DigiCert had provided a different Intermediate Certificate, which wasn’t installed on the Lync 2010 FE servers.
Importing the missing Intermediate Certificate on the Lync 2010 FEs solved the issue and made the events disappear from the Lync 2013 front ends’ event viewer.
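The chain comparison described above can be scripted. The following is an added example, not part of the original post: it collects the issuing certificates used by the machine certificates on a Lync 2013 server and reports any that are absent from the Intermediate and Trusted Root stores of each Lync 2010 front end. The host names are placeholders, and PowerShell remoting to the servers is assumed.

```powershell
# Added example: host names below are placeholders, not taken from the post.
$Lync2013Server  = 'LYNC2013SERVER.FQDN'
$Lync2010Servers = 'LYNC2010SERVER1.FQDN', 'LYNC2010SERVER2.FQDN'

# Build the chain of every machine certificate that has a private key and
# return the issuing (non-leaf) certificates from each chain.
$getIssuers = {
    Get-ChildItem Cert:\LocalMachine\My |
        Where-Object { $_.HasPrivateKey } |
        ForEach-Object {
            $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
            [void]$chain.Build($_)
            $chain.ChainElements |
                Select-Object -Skip 1 |
                ForEach-Object {
                    [pscustomobject]@{
                        Thumbprint = $_.Certificate.Thumbprint
                        Subject    = $_.Certificate.Subject
                    }
                }
        }
}

# Return the thumbprints present in the Intermediate and Trusted Root stores.
$getCaStore = {
    Get-ChildItem Cert:\LocalMachine\CA, Cert:\LocalMachine\Root |
        Select-Object -ExpandProperty Thumbprint
}

# Issuers the Lync 2013 server's certificates chain through (deduplicated).
$issuers = Invoke-Command -ComputerName $Lync2013Server -ScriptBlock $getIssuers |
    Sort-Object Thumbprint -Unique

# Report each issuer that a Lync 2010 front end does not have installed.
foreach ($server in $Lync2010Servers) {
    $installed = Invoke-Command -ComputerName $server -ScriptBlock $getCaStore
    $issuers |
        Where-Object { $installed -notcontains $_.Thumbprint } |
        Select-Object @{ n = 'MissingOn'; e = { $server } }, Subject, Thumbprint
}
```

An empty result means every issuing certificate from the Lync 2013 chains is already installed on the Lync 2010 servers checked.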