http://blogs.technet.com/kpalmvig/archive/tags/OC/default.aspxTags: OCen-USCommunityServer 2.1 SP1 (Build: 61025.2)http://blogs.technet.com/kpalmvig/archive/2009/01/07/troubleshoot-office-communicator-problem-verifying-certificate.aspxWed, 07 Jan 2009 20:38:49 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3177536kpalmvig1http://blogs.technet.com/kpalmvig/comments/3177536.aspxhttp://blogs.technet.com/kpalmvig/commentrss.aspx?PostID=3177536<p>You encounter the following error when trying to connect to the pool with Office Communicator:</p> <p><img style="border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px" border="0" alt="OC-certificate-error" src="http://blogs.technet.com/blogfiles/kpalmvig/WindowsLiveWriter/TroubleshootOfficeCommunicatorproblemver_10624/OC-certificate-error_fb8fac62-1e9f-4d7b-8bed-a01afbcab2f9.jpg" width="509" height="208" /> </p> <p>This is caused by the certificate on the server not matching the host name you are trying to connect to. Typically this is because the _sipinternaltls SRV record in DNS is pointing to a physical OCS server instead of the pool name and the certificate on the server is (rightfully) issued for the pool name.</p> <p>Adding Subject Alternate Names in the certificate for the physical server(s) is not the right approach to solve this issue.</p> <p>After correcting the SRV record, remember to flush the DNS cache on the client.</p><img src="http://blogs.technet.com/aggbug.aspx?PostID=3177536" width="1" height="1">CertificatesTroubleshootingOC