Hey Guys
I'm hoping someone can shed some light on this issue for me.
I've recently had to add a second sip domain to our Lync 2013 Standard Server to allow users to log in with their SMTP email address. Lync was originally configured to use [email protected]l SIP URI's.
As far as I can see I've done everything right but I'm getting a certificate trust warning when the Lync client tries to autodiscover the Lync 2013 server. Manually specifying the server's FQDN on the new sip domain works fine with no issues. With autodiscover, just simply closing the certificate warning allows Lync to sign in as if nothing was wrong.
Here's what I've done so far:

Thanks in advance
I'm hoping someone can shed some light on this issue for me.
I've recently had to add a second sip domain to our Lync 2013 Standard Server to allow users to log in with their SMTP email address. Lync was originally configured to use [email protected]l SIP URI's.
As far as I can see I've done everything right but I'm getting a certificate trust warning when the Lync client tries to autodiscover the Lync 2013 server. Manually specifying the server's FQDN on the new sip domain works fine with no issues. With autodiscover, just simply closing the certificate warning allows Lync to sign in as if nothing was wrong.
Here's what I've done so far:
- Added an additional sip domain in the topology and re-published
- Added a new DNS forward lookup zone for the sip domain
- Added lyncdiscover, lyncdiscoverinternal, sip, meet and the Lync server hostname as A records in the new DNS zone that point to the local IP of the Lync server
- Added _sipinternaltls._tcp.SMTPDomain.com SRV location that points to sip.SMTPDomain.com via tcp, port 5061
- Re-created the Certificates for Lync and made sure all the above DNS names are part of the SAN's
- Confirmed that our CA is still valid/trusted

Thanks in advance