Unable to start “Skype for Business Server Front-End service”
Event viewer:
The Skype for Business Server Front-End service terminated with the following service-specific error:
A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Note: Before requesting a new certificate, we need to make sure that the Root CA certificate is installed in the Trusted Root Certification Authorities under the Local Computer Certificate Store:
Also please review the expired cert before starting the wizard so that you have necessary information request in the wizards, Example shows the SANs used my cert.
Step 1 – Login to SFB Server which the cert is expired.
Open Skype for Business 2015 – Deployment Wizard and click on Install or Update SFBS Systems
Click on Request, Install or Assign Certificates >> Run
you will see exclamation marks as shown below if the cert is not valid (in our case expired)
Click on Request button, it will bring Certificate Request window, You’ll need to fill the form. It is very important to select ALL or domain for subject alternative names (My case I use my domain) Click for advance if you need to do some custom settings like ;
Create an Offline Request, Specify another CA, Specify different CA credentials, Use a different Certificate Template, Change key bit length and/or Mark the certificate private key as exportable and Add additional SAN names. After that, we will return to the initial Certificate Request screen
Review the summery if all good click on Next.
If the certificate request is successful, we get Task status: Completed:, for more information you can view the view log.
This will open the Certificate Assign wizard click on Finish
Before assignment check and validate the cert by View Certificate Details
Click on Next
If the certificate assignment successful you see tick marks as below.
Congratulation ! now you have reconfigured the cert successfully, recommend a server restart but not mandatory now you can start services manually
@roshan-
No comments:
Post a Comment