- The Bastion requires SSL certificate. Either in .pfx format or .crt + .key format. In order for the Bastion to be able to use the certificate the Private Key password has to be supplied (it can be encrypted).
- The certificate should be signed by a public Root CA. This is optional if using a reverse proxy in front of the Bastion with SSL offloading capabilities since the load balancer could ignore the certificate being not valid.
- The certificate needs to have Skype for Business addresses in its “Subject Alternative names” section.
- When using EWS capabilities the certificate also needs to have the EWS and Autodiscover addresses.
General
Content
Integrations