Microsoft Teams and Skype for Business News and Thoughts

Tom Arbuthnot MVP
Tom Arbuthnot MCSM Communications

This site uses cookies

Find this blog useful? Please take a second to share, thanks!

Lync 2013 5.4 iPhone/iPad “We can’t verify the certificate from the server”

Published 30/04/2014 - 14 Comments

photo

 

It seems that in the latest version of Lync for the iPhone/iPad/iOS Microsoft have tightened up on the certificate checks. I hit this issue with a customer that had a public CA cert on their reverse proxy, but only an internal cert on a dev/test Lync 2013 edge. Previous to 5.4 Lync mobile signed in and worked fine, but on 5.4 it threw a cert error. The simple fix is to install the root cert/chain on the device.

If you are seeing this error, ensure you have the root cert/chain installed on your device (protip, you can email it to the device, even though you can’t open the certificate attachment in Outlook you can on the device).

You shouldn’t really hit this in an environment with proper public certificates from a provider trusted by iOS.

 

Update 2/5/2013: MSFT have now posted a KB on this: http://support.microsoft.com/kb/2965499/

 

Tom Arbuthnot

Tom Arbuthnot

Principal Solutions Architect at Modality Systems
Tom Arbuthnot is Principal Solutions Architect at Unified Communications specialist Modality Systems. He is a Microsoft Certified Master and MVP, blogger, regular on The UC Architects Podcast, and speaker at events including Microsoft TechEd and Ignite. He co-runs The Microsoft UC User Group London.

14 comments

Lucas - 14/05/2014 Reply

Hello,
I’m still facing this problem even after importing the Root CA on the Mobile Phone.

Is there any other Certificate besides the CA Root that should be imported?
Also, all the certificates published by my TMG are CA based. My external connections made by Notebooks with the Root CA works fine.

Should i try to install the certificate using the Iphone Configuration Tool?

Lucas - 16/05/2014 Reply

No sir, I’m using my internal CA certificates;
I tried to install the chain on the Iphone, but it does not execute the chain extension by default. Are you saying that I should import the chain certificate on the TMG server?

Bitshuffler - 21/05/2014 Reply

I’m still at a loss on this. I have the reverse-proxy configured on F5 BigIPs. Out certs are from GoDaddy. I have the G2 Bundle installed on the F5s and have imported the cert and the G2 bundle onto the iPhones. I’m sure it’s something silly, but… Everything worked fine until the 5.4 update.

    Tom Arbuthnot - 21/05/2014 Reply

    Are you using a legit public CA?

      bitshuffler - 13/06/2014 Reply

      As legit as GoDaddy gets. I’ve brought the chain into the F5s, tested the chain from external sites (green checks up and down) and still no love. This has pretty much much made all of the mobile Lync apps worthless.

Lucas - 21/05/2014 Reply

Any tips?

Robbi - 27/08/2014 Reply

I have follow this step. I have internal CA cert that have been trusted by my android. I can signed in and Lync 2013 have worked until 30 minutes later. After that, the error was occured again. The message is “We cant’t verify the certificate from the server. Please contact your support team”..
I remove the trusted CA server, instal it again, and log in to lync succesfully. Nad the error occured about 30 minutes again. and so on.

Please help me.

John B - 09/06/2015 Reply

I found this article to help right away.

http://exchangetips.us/2013/04/ios-devices-unable-to-log-into-lync/#comment-252

iman - 18/04/2017 Reply

i do all methods and not work
Have iPhone App similar Lync for use sip address and without to certificate ?
i use Sky , this app use tcp and not need to certificate

Amir Arsalan - 20/08/2017 Reply

hi sir
i have problem with ios 10.3.3 devices .all Android and Windows devices can signing on sfb2015 .even ios 9.3.5 can signing in with sfb app on iphone.but no ios device with 10.3.3 version can signing in! we can’t connect to the server.Check your network connection,Advanced options and try again! this is the error message.

p.s:use TMG as reverse proxy

    Tom Arbuthnot - 01/09/2017 Reply

    Hi,

    Sorry it’s hard to troubleshoot this kind of issue on forum questions. You might want to try the SfB Tech community forum (tom.qs/sfbforum) or Microsoft or partner support.

Leave a Reply:


close

Weekly Email Update 
of all the key 
Microsoft Teams and Skype for Business News
every Tuesday

No Spam ever, I promise - Tom