Federation trouble with some partners after public certificate renewal

I always seem to find the answer to my problems on this Forum , but this time im stuck and need a little help.
Problem happened after i renewed public certificate on Lync Edge server. Instantly discovered federated partners dropped from 13 to 3. I get presence unknown with the "undiscovered" partners.
I also got same problem with 2 out of 5 direct/enhanced federated partners.
 Lync mobile ”Push Notifications” also stopped working.
I updated the certificate 29.october. Since then discovered partners has increased to 7, Lync Mobile ”Push Notifications” started working after avout 2 weeks, but I’m still missing federation with a couple of important partners, 
and i still dont have federation working with partners using Lync Online (sipfed.online.lync.com). I do however never lost the federation with MSN contacts.
Looking through the Edge server Event Viewer , I do see alot of ”LS Protocol Stack” – Event id 14502
A significant number of connection failures have occurred with remote server sip.sarpsborg.com IP xx.xx.xx.xxx. There have been 289 failures in the last 880 minutes. There have been
a total of 6516 failures.
The specific failure types and their counts are identified below.
Instance count  
- Failure Type
6095                
0x80072746(WSAECONNRESET)
421                
0x8007274C(WSAETIMEDOUT)
This can be due to credential issues, DNS, firewalls or proxies. The specific failure types above should identify the problem.
When I Run the “Microsoft Remote Connectivity Analyzer” it is all green except for small warning saying.
Analyzing the certificate chains for compatibility problems with versions of Windows.
Potential compatibility problems were identified with some versions of Windows.
Additional Details
ExRCA can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root
Certificates" feature isn't enabled.
My Certificate is bought from highly respected certificate authority, and it was renewed with the same authority.
When logging from a client i get these errors.
ms-diagnostics:
1047;reason="Failed to complete TLS negotiation with a federated peer server";WinsockFailureCode="10054(WSAECONNRESET)";WinsockFailureDescription="The peer forced closure of the connection";Peer="sip.partnerdomain.com";Port="5061";source="sip.our.domain.no"
I looks to me like some of my previously federated partners dont like my new certificate, and that they basically need to update their root certificate.
I’m having a hard time establishing exactly what has gone wrong here.
Since I now have federation working with 7 partners, Lync Mobile is working with Push notifications and Microsoft Remote Connectitivity Analyser tells me Almost everything is fine.
Is there anything misconfigured at my installation, or anywhere i can look deeper?
Or…
Maybe my public Certificate Authoirty provided me with a certificate that’s ”too new”?
Or..
Maybe our federated partners havent updated their Root Server Certificates on their edge server in a while?
Can anyone help me point me in the right direction where i can look for more information?

Hi,Jorgen,
Did you run  Test-CsFederatedPartner and see if it returns successful results?
Also please check the new certificate is located in the trusted cert store on your Lync server,if not please manually add it under the personal certificates and under trusted root certification authorities,then reboot the Lync server.
Here is an old thread with similar error message about the same failure type for your reference.
http://social.technet.microsoft.com/Forums/nl-NL/ocsedge/thread/f2f39c06-cb3a-456d-8578-ee2408116ebb
If still no luck please turn on Lync server logging and reproduce the issue to get the trace log for more specific information for troubleshooting.
Regards,
Sharon
Sharon Shen
TechNet Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question.

Similar Messages

  • Anyone else having trouble with FCPX crashing after the OSX update?

    Anyone else having trouble with FCPX crashing after the OSX update? It NEVER crashed until the update. The night before last it crashed 20 times in 45 minutes. I can't finish my project because of it.
    Retina, Mid 2012
    Processor  2.3 GHz Intel Core i7
    Memory  8 GB 1600 MHz DDR3
    Graphics  NVIDIA GeForce GT 650M 1024 MB
    Software  OS X 10.9 (13A603)

    therealamaru wrote:
    I don't understand the question. I am simply editing.
    There are some patterns of crashes that suggest possible causes and fixes; some users report crashes when FCPX is in the process of loading; others while importing/exporting, etc. Asking to narrow the list of possibilities.
    Suggest starting with three things:
    1) Update the software from the APp Store  if need be.
    2) Trash preferences.
    3) Repair permissions.
    Russ

  • Anyone else having trouble with missing ringtones after upgrading to 8.1.1

    Anyone else having trouble with missing ringtones after upgrading to 8.1.1?

    Try resetting the keyboard dictionary
    Settings>General>Reset>Reset Keyboard Dictionary

  • HT1414 I have broken the glass on my ipod touch. I am having trouble with some of my apps opening when I touch the screen. Can the glass be replaced? Will that solve the problem?

    I have broken the glass on my ipod touch. I am having trouble with some of my apps opening when I touch the screen. Can the glass be replaced? Will that solve the problem?

    Very likely yes.
    Apple will exchange your iPod for a refurbished one for $199 if a 64 GB 4G, $99 for the other 4G iPods and $149 for a 5G. They do not fix yours.
    Apple - iPod Repair price              
    A third-party place like the following maybe less. Google for more.
    iPhone Repair, Service & Parts: iPod Touch, iPad, MacBook Pro Screens
    Replace the screen yourself if you are up to it
    iPod Touch Repair – iFixit

  • IPad2 got a terrible trouble with 3G network after updateing to IOS5.1.1

    Hello guys, I got a terrible trouble with 3G network after updateing to IOS 5.1.1.    Now when I turn on my cellular data, the iPad 2 can say the carrier and 3G on the left top. But when I tap the Safari, it turns to be:"PDP authentication failure". I did the update to 5.1.1 last night, before that every thing is fine, and now I can't use my 3G at all.
    Could anyone please tell me what's happing and what should I do???
    Thank you so much!

    Hi Miky. After upgrading to ios 5.1 I had the same problem.
    I reset the APN on network settings and rewriting the same. iPad now working on 3G.
    My operator is 3 ITA
    iPad 1 64 GB Wi-Fi + 3G

  • HT4623 Is anybody having trouble with your ringer after installing OS 6.0 and using the new GPS system?

    Is anybody having trouble with your ringer after installing OS 6.0 and using the new GPS system?

    The good (?) news is many people are have OS 6.0.1 wifi problems.
    I could not connect to my home network.  What eventually worked for me (twice now), though it makes no sense, is to go to the particular connection you want to use, hit the little blue arrow on the right to get the details screen.  Scroll down to the bottom and change "HTTP Proxy" from "None" to "Auto".  Then leave the "URL" field that pops up blank. 
    This should not work.  However, it has for me where many other suggestions have not. 
    *shrug*
    Best of luck.

  • Has anyone had trouble with dropped calls after downloading the IOS 7

    has anyone had trouble with dropped calls after downloading the IOS 7

    I downloaded mountain lion and then iPhoto '11 in order to tap into iCloud capabilities with all of my devices. (My Mac was outdated in regards to operating platform to do this). After installing iPhoto 11, I had to repair and rebuild my library of photos.  However, after doing this, all of my albums were jumbled and, while I can see the image thumbnail, when I click on the thumbnail, and error that looks like a black triangle and gray exclamation pops up as opposed to the larger hi def image I want to view.

  • Is anyone having trouble with accessing email after upgrading to iOS 6?

    Is anyone having trouble with accessing email after upgrading to iOS 6?

    Is anyone having trouble with accessing email after upgrading to iOS 6?

  • Anyone having trouble with internet connection after downloading mountain lion

    After installing Mountain lion to my mid 2011 imac 21" I am having trouble with my internet connection.  Anyone else have to deal with this?

    Are you on 10.8.2 as ypur profile says? If so, it's worth updating to 10.8.3 which was released last week.
    http://support.apple.com/kb/DL1640
    Here's a link to some suggestions that helped some users with similar problems in Lion. May still be relevant to MLion. Also check the links within the article:
    http://osxdaily.com/2011/11/06/lion-wi-fi-problems-solution-mac/?utm_source=feed burner&utm_medium=feed&utm_campaign=Feed%3A+osxdaily+%28OS+X+Daily%29&utm_conten t=FaceBook
    Also when I had wifi problems in the past, creating a new network location resolved it:
    http://support.apple.com/kb/HT5289 (under the heading 'Making New Locations'.
    I've also seen threads where users with wifi problems have successfully solved them by changing the channel in the router's wifi settings.

  • Trouble with booting system after upgrade udev= systemd

    Hi everybody,
    I have been trouble with my system since last upgrade (udev => systemd)
    My issue is something like this: https://bbs.archlinux.org/viewtopic.php?pid=1106157 but advice from this discussion doesn't work.
    When system booting, *immediately* (very fast, too fast) display login screen after start parsing hook [udev]
    Of course, i can't login - type username and i have redraw screen again on all /dev/tty* - i have no chance to type password.
    Many invalid logins suspend init for 5 minutes and allow me see display error due stop redraw screen - libpam.so.0 cannot find.
    I suspect that, partitions aren't mount (this fast login screen doesn't have even hostname). I have a 4 discs, with many partitions - mounting
    this take a some time (+- 5 secs).
    In rescuecd, i can mount all partitions and chroot. In chroot all works fine - /bin/login (i was checked authorization on all users),
    paths and pams are ok. Of course i try ,,default rescue trick'': `pacman -Suy linux udev mkinitcpio` and 'mkinitcpio -p linux' on rescuecd
    but nothing it's changed after reboot. I checking grub config, and unpack and check initramfs-linux.img - all ok.
    In my mkinitcpio.conf ofcourse i have MODULES="ext3" (for my filesystems).
    Please help.

    crab wrote:
    This may or may not be related... but I saw this message just now during an upgrade:
    (121/168) upgrading mkinitcpio [###################] 100%
    ==> If your /usr is on a separate partition, you must add the "usr" hook
    to /etc/mkinitcpio.conf and regenerate your images before rebooting
    And am wondering what the message means by if /usr is on a separate partition - separate partition to what?  /boot? / ?
    I have my /usr partition in the same partition as /  (but /boot is in a different partition)
    Logic tells me I'm safe (haven't rebooted yet), as / is "master", and anything else is a separate partition, and I have /usr on the same partition as /.
    Do you guys have separate /usr and/or /boot partitions?  As stated in first sentence this may not be related, but looks important...
    It means separate from /. So yes, you're right, you are "safe" from having to do anything with this message on your system.
    And to the other people on this thread: make sure you do have all your packages uniformly updated, including any pam-related AUR or ABS-build packages. libpam and the pam module directory (.../lib/security) were moved from /lib to /usr/lib a little while back, so make sure that anything that cares about where these may be have been updated so they aren't confused by this move.
    Last edited by ataraxia (2012-06-03 22:40:22)

  • Trouble with PSE 11 after reinstall trial and install fullversion

    I have some trouble with my software.At first I hope you understand my miserable english . I tried out PSE11 with the trial and then I bought an fullversion. After reinstall the trial and installed the fullversion, everything is good. But when I started my PC this morning the Trial Software  opened . Some brushes ( Smartbrush ) have no available functions. What can I do ? Whats going wrong? Can you help me ?

    Close the Editor and then go to:
    C:\Program Data\Adobe\Photoshop Elements\11.0\Locale\en_us
    Delete the file:
    Mediadatabase.db3
    Then start the program again from the Editor shortcut or from the welcome screen by right-clicking and choosing “Run As Administrator”
    If you can’t find Program Data see this Microsoft link:
    http://windows.microsoft.com/en-au/windows-vista/show-hidden-files

  • I am having trouble with some of my links having images. For example, Foxfire has a picture that looks like a small world. The links in question are blank.

    I am having trouble with my links/websites having images attached to them. The place where the image should be is blank. For example, AARP has an A for its image. My storage website has a blank broken box where the image should be. I forgot I had trouble and had to reset Foxfire, this problem occurred after that reset.

    cor-el,
    Mixed content normally gives the world globe image, unless you are using a theme that uses a broken padlock instead. Maybe the gray triangle means invalid? I came across that in a few themes (what is invalid was not made clear), but those were not using triangle shapes to indicate that.
    I came across that mention in one of the pages you posted:
    * https://support.mozilla.org/kb/Site+Identity+Button
    I cannot attach a screenshot because I have not seen a triangle of any kind in my address bar.

  • Trouble with home sharing after apple tv update

    trouble with my home sharing after apple tv up date

    Same here. iPhone, Mac Mini and Apple TV3 are all up to date. Logged in and out on each device and home sharing and airplay still don't work at all. Nothing shows up in the remote app. They're all on the same network and have been. The only thing I can think of is the most recent ATV firmware update, but why would my phone be unable to see my computer??
    Any secret commands to try?

  • Has anyone had trouble with photo albums after downloading a newer version of iPhoto?

    Has anyone had trouble with photo albums and viewing photos after downloading a newer version of iPhoto?

    I downloaded mountain lion and then iPhoto '11 in order to tap into iCloud capabilities with all of my devices. (My Mac was outdated in regards to operating platform to do this). After installing iPhoto 11, I had to repair and rebuild my library of photos.  However, after doing this, all of my albums were jumbled and, while I can see the image thumbnail, when I click on the thumbnail, and error that looks like a black triangle and gray exclamation pops up as opposed to the larger hi def image I want to view.

  • WRT300N vers. 2 europe. firmware 2.00.20 trouble with loosing intenet after abourt 2 minutes

    after upgrading from firmware 2.0017 to 2.0020  i have trouble with the wireless connection to internet.
    After i have been logged on in about 2 minutes i loose connection to the internet.
    there is still wireless connection to the router.
    This has happended just after i upgraded, i had no problems before.
    Can anyone help?
    Regards

    I talked with Linksys support today about my problem and they will replace my router to a new. They have not that problem with that firmware version.

Maybe you are looking for