Configuring Authentication and Certification on IIS Virtual Directories
To correctly pass SSL encrypted packets
through the reverse proxy into the IIS directories on the Lync Server
servers, make sure that certification is properly configured on IIS.
This task can be performed with the following steps:
1. Log in to the Lync Server that is being published through the reverse proxy.
2. Click Start, All Programs, Administrative Tools, and select Internet Information Services (IIS) Manager.
3. In the IIS manager, expand the ServerName, and expand Sites.
4. Click Lync Server external Web Site.
5. In the Actions pane, click Bindings. Verify that the HTTPS is associated with port 4443, as shown in Figure 5, and click HTTPS.
Figure 5. Verifying the HTTPS port.
6. In the Edit Site Binding dialog box, verify that the correct certificate is associated, as shown in Figure 6. This should be the certificate used in the previous TMG Listener configuration.
Figure 6. Verifying the SSL certificate.
7. On the Directory Security tab, click Server Certificate, located under Secure Communications.
8. On the Welcome to the Web Server Certificate Wizard page, click Next.
9. On the Server Certificate page, click Assign an Existing Certificate, and click Next.
10. On the SSL Port page, verify that the value is set to 4443 in the SSL Port this Web Site Should Use box and click Next.
11. On the Certificate Summary page, verify the settings, and click Next.
12. Click Finish.
13. Click OK to close the Default Web Site Properties dialog box.